Larry Ponemon, founder of the Ponemon Institute, has published a paper on ‘Cyber Security Mega Trends’, i.e. what senior level IT executives believe to be the biggest cyber security threats to US federal organizations. It’s a useful read, not so much to predict the future – which can’t be done through a market survey – but to understand the thinking and priorities of government IT executives.
I often find that the solution to a problem is not too far away from the problem itself. So it’s interesting to note that all of threats mentioned can actually form the basis of potential security solutions:
- Cloud computing offers better security services because the cloud service provider gains a superior perspective of events.
- Virtualization technology can be used to prevent intrusions by rapidly rotating targeted servers to prevent an attack from succeeding.
- Mobility ensures a more effective crisis response and can provide useful intelligence on the location and activities of people.
- Cyber crime and cyber terrorism provide justification to build larger security budgets and empires.
- Open source enables greater cooperation, review and bug-fixing for security products.
- Data breach notification means that enterprises are compelled to fix security exposures before the breaches occur.
- Unstructured data encourages the development of management tools that provide better intelligence through a richer analysis of data content.
- Outsourcing motivates us to establish better inventories, standards and compliance processes.
- Web 2.0 provides the social networking capability we need to harness the power of employees and customers to serve as a virtual security function.
As I often say, it’s not difficult to turn a series of threats into a set of opportunities.