Let me be honest with you: I absolutely hate writing security prediction stories. I've been covering security long enough to know that things often don't change much from year to year.
And yet here I go, showing you a set of predictions.
I'm breaking my own rule for two reasons: One is that this list comes from a guy I know and trust: Chris Wysopal of Veracode. Second, I want to use his list to spark some discussion.
So have a look at the following predictions and tell me if you agree or not -- or if you have other predictions nobody's talking about.
Here you go:
1. Sandboxing: Microsoft, Mozilla and more will adopt sandboxing to contain risky code.
2. Bug bounties: More companies will join the bug bounty party – including Microsoft!
3. Mobile apps affect enterprise risk: This is the year a malicious app on a personal mobile device will be responsible for an enterprise security breach. Why? Many apps from ‘trusted’ sources like the Apple App Store still aren’t analyzed for security flaws. And the risk will expand from apps to mobile devices. Fair warning to BlackBerry’s Playbook.
4. Wikileaks wakeup call: Restrictive policies and DLP solutions won’t be enough for the government and private corporations to fend off attacks. Despite stocking up on anti-leak security products, there are no silver bullets. We will see more high-profile leaks than ever before, due in part to a new wave of Wikileaks copycats.
5. Stuxnet is only the start: Another Stuxnet-like stealthy targeted worm will burrow its way somewhere into critical U.S. infrastructure.