• United States



by Chris Thatcher

Top Security Trends for 2006

Jan 09, 20063 mins
CSO and CISOData and Information Security

Expert predictions for information security in the coming year

As a result of working with hundreds of companies on security projects, my teammates and I at Dimension Data have set forth predictions for the top security trends for 2006. Here’s what to watch for:

1.) More damages, but fewer epidemics.

Organizations cannot rely on the press and mass outbreaks to alert them of epidemics and problems anymore. The assumption that no news is good news will lead to a false sense of security. Infection rates are likely to increase.

2.) Accelerated legislation, some litigation.

We’ll see an increased focus on and awareness of compliance. There will be greater pressure to comply and increased scrutiny. Security becomes more of a consideration in offshoring, collaboration and outsourcing agreements. Compliance and a focus on business processes will drive alignment between business, IT and security operations.

3.) Points of attack move beyond Microsoft’s Operating System.

More applications within an organization’s environment will be targeted, resulting in greater workloads to patch vulnerabilities.

4.) Mobile phone and PDA/ Smartphone virus concerns.

Uncontrolled deployment of PDAs and smartphones will yield a security headache later. Issues surrounding mobility need to be tackled head on.

5.) Spyware a major issue.

Spyware infections will increase on corporate desktops, sapping bandwidth and affecting productivity and driving up help desk calls. Organizations will need to invest in additional technology to combat this problem.

6.) IM and P2P will become a bigger headache.

Massive and continued adoption of IM and P2P will expose organizations to new threat vectors. Organizations need to secure and control these disruptive technologies.

7.) Messaging security will get serious.

Demand for e-mail security products has shifted from a spam-based purchase one to two years ago, to a broader feature buy. Corporate enterprises are now exploring broader policy compliance and encryption capabilities in addition to effectiveness in dealing with virus-laden emails and spam, which continues to hover in the 60 percent to 80 percent range for most corporations.

8.) Data protection energized as publicized data breaches in the United States intensify.

Data security joins information security as an area of concern as privacy practices become linked to corporate brand image and consumer movement pressures.

9.) Convergence will accelerate; security becomes embedded in the infrastructure.

Network, systems and security management will all converge as one competence. Customers increasingly need to look to one vendor to supply, support, manage and secure the end-to end infrastructure as security goes from vertical to horizontal and convergence takes hold.

Good luck in 2006.