Six security forecasts for 2012

My crystal ball tells me that 2012 is a relatively predictable one. That’s largely because we’ve experienced significant changes in the political, business and security landscapes, ones that are sufficient to inspire some form of predictable short-term action. Amongst other things it means some interesting action items will percolate up the management agenda. Here are my top six predictions for 2012.

Space weather creates concern

Even if you’re cynical about the forecasts of widespread electrical disruption, it’s certainly worth dusting down the contingency plans and filling up the generators. At the very least, increased solar activity will probably cause a few minor annoyances to GPS users. The larger concern, however, is that it might take out mobile communications, power supplies or perhaps anything with a GPS chip. Not quite Y2K in impact, but longer, less predictable and much less researched and publicised.

Social networks get secure

Why have we been waiting so long to deploy a solution to insecure social networks when it’s not that difficult to achieve? The answer is our lack of imagination. This will change in 2012 as easy-to-use products emerge to secure Facebook and Twitter communications, just in time for a Springtime wave of citizen uprisings. I’m already playing with an alpha version.  

Big data is the new black

Yes, we’ve all known about the information explosion for decades, arguably for centuries. The problem is that no one has done much about it. But big data is now becoming interesting, both as a challenge to existing security processes and as an opportunity for data mining and fusion. It’s a timely catalyst for change as the real future of security lies more with smart information exploitation than with industrial-age quality management systems. I detect an increasing number of security vendors exploring this area. That’s good news for a security community that’s lacking in imaginative ideas.

The electronic Pearl Harbour strikes home

I’ve been forecasting the electronic Pearl Harbour for more than a decade. In 1999 I predicted it would not happen until at least 2006. That analysis was based on technology road mapping exercises. Last year I forecast it would finally hit home. It didn’t, but the integrity of many of our critical services continues to survive on borrowed time. Expect a big catastrophe this year. It’s long overdue, and much needed to shake up the current lacklustre order of battle in the cyber security space.

Public clouds fail to hit the spot

Why are public cloud services so reluctant to give security assurances? Now that’s the bit I don’t get. You can’t make money without talking up your products. There are plenty of liability considerations of course. But that’s precisely why big customers are holding back. If vendors can’t deliver cast iron guarantees then big companies will not buy the services. If any cloud services catch on they are likely to be private or hybrid implementations. Public clouds might seem like a good idea in theory but they have a long way to go in practice.  

The new global game

For decades we lived in the shadow of a largely invisible cold war dominated by pervasive espionage aimed primarily at military or diplomatic targets. It had little, if any, apparent impact on everyday citizen and business interests. Few of us noticed, or cared, what was going on. Today it’s different. The new battleground is our global business infrastructure, and the targets our trade secrets. It’s no longer realistic for governments to turn a blind eye to hostile attacks, or even attempt to keep the new game under wraps. As exploitation of stolen secrets becomes increasingly visible, we should expect an overt response to any covert attacks. It’s time for soft targets to strike back.
