When it comes to security, there is obviously a lot to be concerned about. But the folks at Blue Coat Systems, a provider of Web security and wide area network optimization products, say there are four security trends that IT organizations should be paying particular attention to in 2012.
The first is the source of the attacks. With two-thirds of all attacks emanating from malnets, Steve Schoenfeld, vice president of product management for Blue Coat, says that the relationships between various botnet services have become a lot more discernible. That means it's also becoming easier not only to identify the source of the attacks, but also to predict their occurrence. Given that capability, the IT security battle in 2012 will shift more towards preventing attacks by isolating the source of those attacks, rather than trying to defend perimeters in the enterprise that don't exist. Schoenfeld refers to this as creating a "negative day" defense because if the source of the attack can be isolated, that means that zero-day attacks or any other class of attack is no longer relevant.
The second big shift that Schoenfeld sees is that search engines will become the leading attack vector. Distributors of malware inject code in both legitimate and fake websites to get people to inadvertently download a piece of malware. This approach has proven so successful, despite the rise of reputation filters, in part because cyber criminals can move Web servers quickly from country to country. Schoenfeld says that activity can now be more easily detected, but in the short term things may get worse before they get better because not every IT organization has access to technologies that can track the relationship between different botnet networks and servers.
At the same time, cyber criminals are increasingly leveraging social media to deliver their payloads. As the number of social networks increases, the ability to defend these avenues of attack becomes more problematic simply because end users are more trusting of the content they encounter on a social network. That trust will get sorely abused in 2012.
Finally, Schoenfeld says that 2012 will also see the rise of a number of high-profile attacks on mobile computing devices. While closed networks for the Apple iPhone and Apple iPad tend to be more secure than networks that are accessed by Google Android devices, the sheer volume of these devices makes them a tempting target for hackers. At this point Schoenfeld says it's not a matter of if these attacks will hit but rather when there will be enough of these devices to make them economically efficient for hackers to start focusing on them as a new opportunity.
The good news is that IT security is getting better. The bad news is that cyber criminals continue to gain access to more sophisticated technologies. The security issue that IT organizations need to address in 2012, says Schoenfeld, is going to be how proactive they want to be about security versus simply waiting for the inevitable security incident to wreak havoc on their IT systems. Based on the amount of time and energy that goes into fixing systems in the wake of such an attack, the return on investment from a more proactive approach to IT security is readily apparent.