For many, 2011 will be recalled as the year of the data breach as companies of all sizes made headlines for losing valuable data. Small businesses were no exception as cyber criminals found SMBs as a new favorite target. Looking forward, the threat landscape won’t be getting any better but Symantec foresees 2012 as a year of action for businesses where they’ll start taking tangible steps to protect their businesses from the threats they face.
Click through for 10 IT infrastructure and security predictions for 2012, as identified by Symantec.
While 2010 was largely called the year of the disaster, 2011 actually saw an increase in the number of disasters with the United States experiencing a record 10 weather catastrophes costing more than a billion dollars. At the same time, 2011 research showed that organizations do not understand the importance of disaster preparedness. Half of SMBs do not have a disaster recovery plan in place, and 41 percent said that it never occurred to them to put together a plan while 40 percent stated that disaster preparedness is not a priority for them. Symantec expects that we will continue to see Mother Nature test organizations’ disaster recovery plans in 2012.
The greater likelihood organizations will need to put their disaster recovery plans in action in 2012 puts increased pressure on businesses to be prepared for disasters in the new year. Organizations will need to start looking at business services more holistically. They will need to automate recovery to recover faster and reduce their reliance on personnel. And they will need to become disaster proof. The question will be will they have learned their lesson from 2011 or have to experience it for themselves this year.
Virtualization projects often start small and eventually grow into large portions of the IT environment. In 2012, many companies will combine the VM project teams and infrastructure with corporate IT. This will highlight the need for physical and virtual assets to work together as a platform.
Companies that adopt a silo approach will be laggards in the VM adoption race, and their ROI will continue to decrease as operational costs of running separate environments slow the ability of organizations to convert from physical to virtual. The days that companies could afford separate storage management and backup software for virtual and physical servers are numbered. The answer to managing this complexity is standardizing with tools that work across physical and virtual platforms for systems management, availability, backup, storage management, security, etc. As a result, the security, storage management and backup of both physical and virtual assets together will become the standard.
Data explosion, emergence of virtualization, rapid adoption of new applications and 24×7 business needs have broken traditional backup for small businesses to large enterprises. Due to data growth, the traditional 24-hour or weekend backup window is no longer possible for some organizations. The policy of infinite retention of backups will abate in 2012. As companies are forced to deal with the massive volumes of data, new technologies will emerge that help companies eliminate this glut of information. 2012 will see some major failures in the recovery of information if organizations don’t implement a holistic backup platform that addresses both physical and virtual environments and makes recovery of information easier for IT admins.
Information is both the great enabler and the great disabler, depending on how it is managed. Companies that can gain control over the risks and costs associated with protecting their information will enable the adoption of new mobile, social media and cloud technologies. These organizations will leverage their information assets as competitive advantages and attract the best employees.
Companies that fail to control and protect their data will fall victim to it. Their lack of information governance will prevent the adoption of new technologies, and they will spend more on compliance and eDiscovery.
In 2012, vendors will bring together archiving, eDiscovery, encryption, backup, data loss prevention and other security technologies to give organizations better control over their information assets.
Clouds do not come in a box. You can’t purchase hardware and expect to suddenly have a cloud computing environment. Running your data center more like a cloud vendor is about people and processes — changes that buying new hardware does not achieve. Organizations must change how they purchase IT, how they consume IT and how they organize IT to provide cloud services. Unfortunately, they are overlooking the opportunity to leverage existing infrastructure and investments to build their private cloud.
The practical reality is that many enterprises have an enormous amount of legacy infrastructure that needs to be supported. This makes the installation of new private cloud technologies more evolutionary than revolutionary. The implementation of private cloud components will be incremental. The build out of new, next-generation data centers presents an opportunity to start to lay down private cloud infrastructure more from the ground up. Thus, private cloud technology deployment will be a balancing act between supporting existing infrastructure and moving to deploy infrastructure that enables the IT organization to run IT as a service.
In Symantec’s State of Cloud survey, security was recognized as the top concern and the top goal for organizations of all sizes considering the cloud. Cloud security services such as email security and Web-filtering technology allow SMBs to get enterprise-class security-as-a-service that is always up-to-date on the latest threats. In a recent CompTIA survey of SMBs, nearly one-third have already adopted cloud technology and another 35 percent plan to use the cloud in some form this year. Now that SMBs have developed some comfort-level with the cloud for storage and backup (71 percent of SMB cloud use is for backup and storage), Symantec predicts that SMBs will flock to the cloud for their security needs. That’s why in 2012 Symantec expects SMBs will harness the power of cloud solutions for security.
Symantec’s November Intelligence Report shows that targeted attacks became more prevalent in 2011. Large enterprises, with more than 2,500 employees, received the greatest number of attacks, with 36.7 targeted attacks being blocked each day during 2011. By contrast, small- to medium-sized businesses, with less than 250 employees, had 11.6 targeted attacks blocked daily during the same period. The increasing number of targeted attacks is being driven at least in part by competitive advantage as companies exploit digital espionage to acquire sensitive, proprietary data from competitors. Symantec expects this trend to continue in 2012.
According to Gartner, sales of smartphones were expected to exceed 461 million by the end of 2011, surpassing PC shipments in the process. This explosion has captured cyber criminals’ attention and as a result, 2011 saw significant real growth in the amount of mobile malware. From malware simply seeking to embarrass victims to exploiting premium-rate billing, to malware focused on information theft, it’s undeniable that 2011 was the first year mobile malware presented a true threat to enterprises and consumers.
In addition, despite 2011 being a year of external hacks, CISOs have already begun to shift their focus on insiders once again because of the proliferation of mobile devices. Tablets in particular have become a major concern as employees are bringing them into corporate infrastructures at a rate that outpaces many organization’s ability to secure and manage them and protect the information the employees can access via the tablets. With tablets in hand, the concern has become insiders that fly under the radar of IT to access and send sensitive data, and in the case of the malicious insider, steal highly confidential intellectual property.
A recent Symantec Critical Infrastructure Protection (CIP) Survey found that only 37 percent of companies were completely or significantly engaged in their government’s CIP programs in 2011, versus 56 percent in 2010. It should subsequently come as no surprise that overall CIP readiness on a global scale also fell an average of eight points (from 60 to 63 percent who said they are somewhat/extremely prepared in 2011 compared with 68 to 70 percent in 2010).
When combined with recent revelations around the Duqu threat, the findings of the CIP survey are particularly troubling. At this point in time, there is no reason to assume the attackers behind Duqu were unable to gather the intelligence they were looking for. Thus, it’s quite likely that 2011 saw the foundation for the next Stuxnet-like attack being laid, which may come as soon as 2012.
After what many will call the ‘Year of the Data Breach,’ more organizations are embracing the concept of IT risk management as a means of addressing the root cause of the problem. Increasingly, boardroom discussions center on security threats and risk management, as CISOs are asked by the CEO “How secure is our online e-commerce site?” or “Are we at risk of being attacked by threat X or virus Y?” By taking the traditional role and focusing just on technology, CISOs cannot effectively answer these questions.
In 2012, Symantec predicts that a growing number of CISOs will start to look for more effective ways to communicate IT risks to their executive-level stakeholders. The CISO’s role is evolving from being able to respond to security incidents and meet compliance requirements to being able to communicate IT risk in business-relevant terms. Unfortunately, only one in eight CISOs has successfully made this transition today.
Over the next year, we’ll see more CISO’s looking to deliver valuable qualitative and quantitative metrics to help business leaders make more informed decisions around IT risks. The CISOs who deliver this information in terms that executives can understand and act upon will be the ones who succeed in gaining the resources and support needed to effectively manage these IT risks.
