9) Government Security Gets A "Fraud Department"
Speaking of malicious insiders, given the embarrassing release of the State Department cables, expect U.S. bureaucrats to demand that their agencies' networks remain locked down, at least until government information security experts better secure them and restrict access.
But will those efforts actually succeed? "Eventually they might be successful, but it's a lot of work to get there," said Imperva's Rachwald. "It's the defender's dilemma: you need to lock up everything, and the bad guy only needs to find one hole."
On the other hand, for the government, "this is really going to help them take a look at how they look at file security," he said. The issue isn't just one of data classification, but also of establishing identity, as well as each person's normal document-retrieval usage patterns. Expect to see the government borrow a page from credit card issuers' fraud departments. When data-usage patterns start to look unusual, it's time to investigate.
10) Cyber War Vs. Online Protests, Censorship, Political Attacks
Stuxnet. Web site defacement. Operation Payback. What do they have in common? At one point or another in 2010, each was referenced -- often by media outlets or bureaucrats -- as a sign that cyber war was on the rise.
Whether or not that's true, this very discussion highlights how security in 2011 will evolve. "While the Wikileaks and retaliatory attacks may not represent the start of 'cyberwar,' governments clearly view cyberspace as the battlefield of the future," said Arbor Networks' Labovitz. Furthermore, "the trend towards militarization of the Internet and DDoS used as means of protest, censorship, and political attack is cause for concern," not least because it will continue to have an impact on corporate networks and data security.
Expect the "cyber war" debate to keep raging, along with all that it implies. "The world was a simpler place when DDoS was mainly driven by crime, Internet relay chat spats, and hacker bragging rights," said Labovitz.
Welcome to 2011.