Encap Security incorporates convenience of Apple... » Oslo & Palo Alto: Encap Security, the first in-app authentication solution to arm banks, retailers a... HGI announces new direction at BWF 2014 as it lo... » HGI has announced at Broadband World Forum 2014 that it will be taking a new direction as it moves t... Skyguard chosen to protect lone workers » VINCI Facilities, part of VINCI, has adopted Skyguard’s personal safety service to mitigate potentia... Alert Logic launches European Security Operations ... » Recent cases have highlighted that the landscape for cyber threats has increased dramatically over t... Travelex selects A10 Networks for major network an... » UK: A10 Networks has announced that Travelex Group, the world’s leading foreign exchange (FX) specia... Lieberman Software Privilege Management Platform... » London, UK: Lieberman Software Corporation has announced that its adaptive privilege management plat... Driving forward with Tokenization and HCE...new pa... » Driving forward with Tokenization and HCE – New Paper from the Smart Payment Association. In this pa... Research Group discovers vulnerabilities in the Ad... » Check Point has announced that its Security Research Group has discovered vulnerabilities in the Adm... Intamac chosen to develop innovative Cloud Video R... » Vigilance can report that Intamac has been selected by Swann Communications to develop an innovative... Cardinal Group basks in the glory of many accolade... » The Cardinal Group Retail Fraud Awards 2014 Vigilance can report that the Cardinal Group, celebrate...

CLICK HERE TO

Advertise with Vigilance

Got News?

Got news for Vigilance?

Have you got news/articles for us? We welcome news stories and articles from security experts, intelligence analysts, industry players, security correspondents in the main stream media and our numerous readers across the globe.

READ MORE

Subscribe to Vigilance Weekly

Information Security Header

It’s the time of year again when IT security experts predict what the next year will bring. Read on!

Oded Comay, CTO of ForeScout, predicts:

Prediction #1: Smartphones and Tablets become the Enterprises’ “Trojan Horse”

This existing trend of increasing mobile malware will continue through 2013. This is of course a problem for consumers, but it is more-and-more an enterprise issue because of the skyrocketing presence of mobile operating systems on enterprise networks.

In 2013, more malware than ever will enter the enterprises via employee owned smartphones and tablets. Companies that wish to defend themselves against this modern day “Trojan Horse” will need to deploy security technologies in two places: on the mobile devices themselves, and on their networks. Mobile device security products (antivirus etc.) are available from many traditional endpoint security vendors, and there are a variety of new mobile device management (MDM) vendors that can let you control the configuration of the mobile devices themselves. Next, you need to ensure that your network itself is protected from risky smartphones. This is an application for classic network access control (NAC). Prepare for boom and buzz in both the MDM and NAC markets in 2013.

Prediction #2: Targeted corporate sabotage will increase

On 15 August 2012, a piece of malware called “Shamoon” erased all files on more than 30,000 computers within the network of Saudi Arabia's state oil company, ARAMCO. It was a devastating attack against this company. The malware was targeted specifically for ARAMCO, and thus the major antivirus vendors (Symantec, etc.) had no signatures to detect or protect against this malware. Targeted attacks in the energy community are growing so quickly that cyber security has emerged as the principle security concern, topping physical security issues.*

As 2013 unfolds, we’ll see increasingly sophisticated corporate attacks spread by malware and created with corporate sabotage as its specific intent. We’ll also see growth in niche security solutions that defend against targeted attacks such as by looking specifically at network behaviour that is associated with propagation.

Prediction #3: BYOD Growth Drives Need for Increased BYOD Security

Jupiter Research recently predicted that the number of BYOD devices would double by 2014. BYOD itself is not a threat, but increasingly IT security managers shudder at the implications of large numbers of uncontrolled, unmanaged devices connecting to their enterprise networks. Not to mention the vulnerability inherent in your important corporate data walking out the door every day on a device that is easily stolen or misplaced. If your enterprise doesn’t have a security plan in place for BYOD, you are risking two major problems: 1) loss of data, 2) infection and attack by compromised endpoints and possibly compliance violations.

Enterprises looking to secure themselves against the BYOD trend need to consider deploying security technologies in two places: on the mobile devices themselves and on their networks. As the BYOD trend turns to BYOD ubiquity, we will see a growing need for BYOD security solutions.

* Roberts, John. "The Barrel Blog." The Barrel Blog. Platts a Division of The McGraw-Hill Companies, 27 Nov. 2012.

Steve Pao, Vice President of Product Management at Barracuda Networks, predicts:

Virtualization will continue to change how we think about networking. The changes brought on by virtualization that have already affected compute and storage will continue to move to the network. While the term “software defined networking” has become a buzzword of sorts, we are seeing many practical implications, including localizing security close the resources being protected. For example, over half of our SSL VPN unit volume is sold as virtual appliance today. In fact, we have virtualized most of our network-facing product line, including our next generation firewalls, Web application firewalls, server load balancers, spam filters and Web filters.

Growth in data will continue to change how we think about retention. In our personal lives, data growth has forced hard disks and the cloud to obsolete the old floppy disks, ZIP drives and CD-ROMs. Similarly, in our corporate similar trends are forcing obsolescence of tape backup and the transport of those tapes offsite. At Barracuda, our fastest growing product line has been Barracuda Backup combining disk-based backup featuring data deduplication with offsite replication to the cloud. We see this trend continuing.

The next generation firewall will become mainstream. At the enterprise level, many vendors (including Barracuda) have been evangelizing for next generation firewalls that can monitor and control policy across both users and real applications. This technology is will trickle down to midmarket buyers in 2012 and replace the heritage Unified Threat Management (UTM) products that simply combined disparate functions into a single box. Watch this space for more from us, too.

Businesses will have to get smart about social media usage in the workplace. A Barracuda Labs survey revealed that while 86% of respondents felt that employee behavior on social networks can impact company security, 75% of those respondents’ workplaces allowed Twitter usage and 69% of the respondents’ workplaces allowed Facebook usage. In 2013, Web security should continue its growth and many businesses will start to leverage social media archiving technologies as part of their e-Discovery and compliance initiatives.

Android and iOS will continue to impact business applications. Most of our customers appreciate that mobility and BYOD extend both the hours and productivity of their workforces with relatively little expense. However, taking advantage of mobile platforms requires the ability to access corporate networks, access stored data and browse the Internet safely. We, like other vendors, have mobility initiatives across our security and data protection product lines.

Cloud. Beyond the cloud hype, organizations will get very practical about how to use the cloud. 2013 will be the era of cloud systems management, extending the elastic compute cloud to security and enabling the efficient use of cloud applications (e.g., salesforce.com) from within very busy networks