2012 Prediction: HyTrust
Advanced Persistent Threats (APTs) Will Become More Predominant and Increase as a Priority
The explosion of APTs against high-profile companies and government agencies we saw in 2011 will become even more predominant in 2012. Organizations that come under fire from APTs will be at heightened risk, suffering tremendous credibility and financial loss.
Insider Threats Will Grow
Insider threats backed by malicious intent, and the risks associated with insider breaches will grow in 2012. Because they occur within the network and by privileged users – such as employees, contractors or partners – organizations will have a hard time battling insider threats with traditional security measures that detect attacks from the outside. In a recent survey from Lieberman Software, more than 48 percent of survey participants said they have worked at an organization whose systems got compromised by a hacker. Keep in mind many of these insider threats are also simply human error.
Digital Forensics Will Become One of the Most Important Security Skills
Companies nowadays often have to bring in outside expertise at $330.00 hour with door-to-door billing and potentially emergency rates on top of that to analyze how an endpoint system was (again) compromised. The ongoing battles in this war aren't won quickly, but rather in months and years when you include the ensuing investigations, not to mention regulatory and compliance issues.
CIO’s Will Be Driven to Automated, Audit-Quality Reporting
Executives increasingly need to show 360-degree and holistic reports to satisfy regulatory compliance requirements – particularly in the PCI DSS space. The consequent legal implications will drive more companies to automate their network security audits and rely less on periodic audits.
Evolution of Incident Response in Organizations Will Continue
The classic virtual incident response team concept will continue to fade in favor of full time incident responders, forensic analysts, and reverse engineering malware specialists.
Cloud Computing Challenges Will Fail to Meet Lofty Expectations
While there are many possible benefits to cloud computing, the honeymoon will end. Gartner predicted “cloud hype” will peak in 2011-2012. Many organizations have discovered or will discover that they do not have the flexibility they need for their businesses, and many others will discover that any security issues (from audit to compromise) are far more complex in the cloud. With all issues come opportunities for progressive organizations to try new virtualization security and management technologies to allow even the most regulated industries to leverage the cost savings that come with the cloud.
Security Will Continue to Become Part of Virtual Infrastructure
As more and more organizations add virtualization technologies into their environment, particularly server and desktop virtualization, security will be more embedded in the native technologies, and less of an "add-on" after the implementation is complete. For server virtualization, new security, firewalls and monitoring capabilities are being integrated into some of the leading platforms now.
The Bright Side - the Right Answers Will Begin to Appear
While newer, large-scale mandates like Cloud First continue to take hold, some will also invariably stumble. The innovative minds in cloud, virtualization, and security will assemble dynamic, scalable, learning systems and platforms to get ahead and stay ahead of the rapidly-evolving threats in the physical and virtual technology landscapes.