Cyber crime in 2025: New threats mingle with old risks

As our physical and digital worlds become more networked, cyber thieves will use time-tested techniques to pull off scams

With the new year upon us, I'm pulling out my crystal ball to predict the computer security threats of tomorrow -- and I don't mean 2012. I'm looking ahead to 2022 or 2032. Over the next couple of decades, technology will surely continue to evolve, and if the past is any guide, we can expect that today's security problems -- buffer overflows, misconfigurations, poor authentication implementations, and data malformation -- won't much change; they'll just move to the latest gadgets.

Think, first, about how much our lives have changed in the past couple of decades. My kids wouldn't understand how tough it was to choose between a 10MB and a 24MB hard drive when all I really needed were two floppy drives to get the computer up and running. They'd say, "What's a megabyte?" Or for that matter, "What's a floppy drive?"

[ Learn why Roger A. Grimes deemed 2011 as the year of the cyber criminal. | Stay up to date on the latest security developments with InfoWorld's Security Central newsletter. ]

Try to remember what life was like pre-iPod, pre-iPad, or before you could rent thousands of movies directly to your TV. Could you have imagined that you'd carry around a thousand of your favorite albums (and movies and podcasts) on a device not much larger than a postage stamp? That's the trouble with predicting a decade or two out: It's bound to be less exciting in some ways than you had imagined -- we still lack inexpensive flying cars or jet packs -- yet exceed your expectations in ways you couldn't predict.

Technology of tomorrow
I'm fairly confident of what to expect in the next decade. User profiles will roam everywhere. All applications will be "Webized." Computers will be wearable. Everything will be networked and trackable. Human-enabled UIs will be ubiquitous. Next-gen search will be built into everything.

I don't have to be a superintelligent soothsayer because lots of fantastically bright people already figured this stuff out two decades ago. The exploration and patents have been long in process. It's all about the right vendor introducing the right product at the right time -- it's not like the iPod was the first portable digital media player.

For starters, most observers already understand that everything that isn't "Webized" today will become "Webized." If you're working on an app that doesn't encode directly to HTML or XML, it won't be around a decade from now.

Everything and everyone will be networked and tracked using IPv6 (or later), and we'll beg for it. There are clear advantages: A parent, for example, would know instantly that Johnny's getting off the bus in front of the house, and he has an elevated temp. Also, we'd know if we needed more eggs for Sunday morning's breakfast. Those pluses will override most people's fears of privacy invasion. I anticipate, in fact, that most people won't even understand the term "privacy invasion."

Within the next 20 years, the days of seeing one desktop on your work PC and one on your home PC will have ended. Rather, your desktop and profile will follow you from machine to machine. Both desktops will blend and always appear when the computer's "eye" recognizes you. Sign in at an airport kiosk and your desktop profile is there. Look at your mobile device and you'll find the same profile -- but fit to a smaller form factor. You won't have to save anything because everything you do is saved. Make a mistake and you'll be able to undo the problem, going as far back as you need.

1 2 Page 1
Page 1 of 2
How to choose a SIEM solution: 11 key features and considerations