Welcome to my second annual plea for security vendors to put away those self-evident New Year predictions.

I’ve never been a fan of security predictions, though I’ve written about them too many times to count. I guess that makes me a hypocrite. I could take the high road and tell you my bosses always make me write about it, but why pass the buck? In the world of tech media, we ALL write about predictions. I’ve written about many that I probably didn’t have to bother with. Call it a case of doing one of those tasks you hate because, like changing diapers or taking out the trash, it has to be done.

Predictions are perfectly harmless. But here’s my beef: They change very little from year to year. For seven years I’ve seen predictions that this will be the year of mobile malware or the year of a federal data security law.

Only security vendors seem to enjoy making predictions. Vendors particularly love declaring competing technologies dead. There was the prediction that IDS was dead. That was many years ago and the technology remains in demand. There was the prediction that 2009 would be the year pen testing died. Most of the security practitioners I talk to daily still swear by pen testing.

My inbox has been getting hammered with 2012 vendor security predictions since Halloween. They all pretty much state the obvious:

- Mobile malware is gonna be a big deal
- Social networking will continue to be riddled with security holes
- Technologies A, B and C will be dead
- Microsoft will release a lot of security patches
- Data security breaches will continue to get more expensive

Looking at the predictions I got this time last year for 2011, I found that any of them could be repackaged as 2012 predictions and nobody would know the difference. Here are some examples from the Zscaler Labs Research Team:

1. Political hacktivism will escalate
2. Cloud computing will be fraught with security risks
3. App stores like the Android Marketplace will continue to be polluted with malicious programs
4. Social networking will meet social engineering

See what I mean? Any of these would pass as predictions for 2012, even though they are a year old.

Some of my vendor friends will frown upon my prediction poo-pooing. So will the PR people they pay to distribute this stuff.

But I also know more than a few PR people are reading this and agreeing with me.

–Bill Brenner