My crystal ball tells me that 2012 is a relatively predictable year.
That's largely because we've experienced significant
changes in the political, business and security landscapes, ones that are
sufficient to inspire some form of predictable short-term action. Amongst other
things it means some interesting action items will percolate up the management
agenda. Here are my top six predictions for 2012.
Space weather creates concern
Even if you're cynical about the forecasts
of widespread electrical disruption, it's certainly worth dusting down the
contingency plans and filling up the generators. At the very least, increased
solar activity will probably cause a few minor annoyances to GPS users. The larger
concern, however, is that it might take out mobile communications, power supplies or
perhaps anything with a GPS chip. Not quite Y2K in impact, but longer, less predictable
and much less researched and publicised.
Social networks get secure
Why have we been waiting so long to
deploy a solution to insecure social networks when it's not that difficult to
achieve? The answer is our lack of imagination. This will change in 2012 as easy-to-use
products emerge to secure Facebook and Twitter communications, just in time for
a Springtime wave of citizen uprisings. I'm already playing with an alpha version.
Big data is the new black
Yes, we've all known about the
information explosion for decades, arguably for centuries. The problem is that
no one has done much about it. But big data is now becoming interesting, both
as a challenge to existing security processes and as an opportunity for data
mining and fusion. It's a timely catalyst for change as the real future
of security lies more with smart information exploitation than with
industrial-age quality management systems. I detect an increasing number of security
vendors exploring this area. That's good news for a security community that's
lacking in imaginative ideas.
The electronic Pearl Harbour strikes home
I've been forecasting the electronic Pearl
Harbour for more than a decade. In 1999 I predicted it would not happen until at
least 2006. That analysis was based on technology road mapping exercises. Last year I forecast it would finally hit
home. It didn't, but the integrity of many of our critical services continues to
survive on borrowed time. Expect a big catastrophe this year. It's long overdue,
and much needed to shake up the current lacklustre order of battle in the cyber
Public clouds fail to hit the spot
Why are public cloud services so reluctant
to give security assurances? Now that's the bit I don't get. You can't make
money without talking up your products. There are plenty of liability
considerations of course. But that's precisely why big customers are holding back.
If vendors can't deliver cast-iron guarantees then big companies will not buy
the services. If any cloud services catch on they are likely to be private or
hybrid implementations. Public clouds might seem like a good idea in theory but they have
a long way to go in practice.
The new global game
For decades we lived in the shadow of
a largely invisible cold war dominated by pervasive espionage aimed primarily at
military or diplomatic targets. It had little, if any, apparent impact on everyday
citizen and business interests. Few of us noticed, or cared what was going on. Today
it's different. The new battleground is our global business infrastructure, and
the targets our trade secrets. It's no longer realistic for governments to turn
a blind eye to hostile attacks, or even attempt to keep the new game under
wraps. As exploitation of stolen secrets becomes increasingly visible, we
should expect an overt response to any covert attacks. It's time for soft
targets to strike back.