It's that time of year again, when thousands of security professionals converge here at the Moscone Center in San Francisco to hear about the latest security technologies and trendiest threats. What will top this year's lists?I've no doubt that the recent "Aurora
" attacks that hit Google, Intel, and apparently hundreds of other U.S. firms will top this year's chatter. While there was nothing inherently new in those attacks - they did reveal
that businesses face determined and skilled attackers. But anyone who has been watching the trends in IT attacks over the past decade has known that attackers have been getting progressively more sophisticated every year and in almost every way: dynamic botnets, more stealthy malware, more rapid development of exploits to newfound vulnerabilities, to rootkits that burrow deep into the operating system to persuasive social engineering tactics.
So I expect to hear a lot about targeted attacks and the so-called Advance Persistent Threat - but I don't expect to hear a lot of truly unique or new ways to combat them.
I also expect to hear a lot about cloud computing security. And for good reason: I'll be spending most of Monday at the Cloud Security Alliance Summit where they'll be discussing everything from the future of the cloud to managing identities in the cloud and sharing some insight on how threats may change as a result of cloud computing.
Hopefully, we'll learn a few things about new cloud security initiatives, and gain insight into how enterprises can best secure their users and data as they evaluate potential ways to leverage private and public cloud infrastructures.