by Nick Lowe - Check Point - Monday, 17 January 2011.
Predicting the distant future of IT security is tricky, but the near future – the next 12 to 18 months – is a little easier. After all, the seeds of what is to come were planted in the recent past. Traditional security threats posed by hackers, viruses and worms over the past 10-plus years are still a concern, and have been joined by newer, emerging threats from the proliferation of Web 2.0 apps, mobile computing and custom attacks.
These threats are dramatically increasing security complexity. But they’re not the only issues concerning businesses. There’s also the simple mistake, or moment of carelessness by a trusted employee when handling data, which can have far-reaching consequences unless the risks are mitigated.
So what specific threats should organizations be preparing for during the coming year? And what are the implications for business IT security infrastructures? Based on our research and feedback from customers, here are Check Point’s thoughts and projections for 2011 and into 2012.
Be Web 2.0 wary
While malware, phishing attacks, Trojans and key-loggers continued to proliferate on Internet applications, the emergence of more rich-media capabilities in Web 2.0 apps and mobile devices will increase the number of drive-by-downloads and sophisticated, blended attacks.
For example, embedded videos and links in social networking pages are becoming popular spots for hackers to embed malware. The more employees that use rich media and Web 2.0 applications in an organisation, the greater the chance of unwittingly exposing the company to an attack – unless the right protection is in place.
Fitting new Windows
According to the Check Point survey mentioned earlier, 7% of organizations have already made the leap to Windows 7 and another 54% plan to migrate in the next two years. In addition, organizations are using an average of nine different vendors to secure their organization's infrastructure from the network to the endpoint, creating difficulties in security management, loss in productivity and potential security holes in between the individual products.
Businesses may find that Windows 7 migration is a good time to look at the number of security vendors’ solutions they are using and decide to consolidate endpoint security solutions. Because Windows 7 presents a clean slate for the OS, it can be a clean slate for security as well.
Virtualization security becomes real
Businesses are starting to leverage virtualization technologies as an additional layer of security defense, supplementing traditional security solutions. Examples include browser and session virtualization that segregates and secures corporate data from the Internet – allowing users the freedom to surf with full protection against drive-by-downloads, phishing attempts and malware.