The crystal ball gazing has started early this year. Typically, tech prediction pieces emerge after Christmas, but the first 'security trends for 2011' missive has already dropped into my inbox. So, what does the somewhat premature Imperva Application Defense Center think will worry us the most on the IT security front next year? I predict the list will include more Stuxnet-like attacks, insights on the cloud's benefits or drawbacks, and concerns about mobile device security. Let's see if my crystal ball accurately predicts the predictions.

Imperva ADC says the top 10 IT security trends for 2011 will be, with my comments in parentheses:

  1. Nation-Sponsored Hacking: (Yay, strike one - Stuxnet worm clones prediction right at the top.) These attacks will build on concepts and techniques from the commercial hacker industry to create more powerful Advanced Persistent Threats. (I predict someone will get a Buzzword Bingo full house with that one.)

  2. Insider Threat Awareness to Rise: We expect growing awareness of security incidents due to insiders. Attention will increase as more incident reports tie data theft and security breaches to employees and other insiders. (I'm wondering just how much more aware of the insider threat the average enterprise can be. It’s already high on the data security agenda of most companies I talk to.)

  3. Man-in-the-Browser Attacks: These will grow in cyber-criminal activity. As a result, more online service providers will prioritize this in 2011, shifting the responsibility for mitigating the risk from consumers to service providers. (I predict banks will maintain that either the customer is at fault, or nothing bad happened and they must have made the transfer of funds themselves.)

  4. Social Network Security: This will improve, with prominent social networks and tools placing more effort into security over privacy. (Or, put another way, social networks will invest in telling the media they are all about user privacy while mining as much private data as possible.)

  5. File Security Takes Center Stage: We will see more data breaches where compromised data is in the form of files rather than database records. (You mean you're not already properly securing your file servers? I predict you'll get all you deserve by way of breaches in 2011 and beyond then.)

  6. Mobile Devices Compromise Data Security: (Strike two!) The proliferation of sophisticated mobile devices will substantially affect application and data security. (But no more than in 2010 when sophisticated mobile devices were already prolific. Surely in 2011 enterprises will be more prepared for the mobile security threat?)

  7. Data Security Goes to the Cloud: (Strike three!) There will be an increase in application security offerings in the cloud throughout 2011, with some early data security in the cloud offerings. (There are already plenty of early security in the cloud offerings, and have been all year – does something that has already happened really count as a prediction?)

  8. Cyber Security Becomes a Business Process: CISOs and security professionals will need to become business process experts to better protect data as it flows through enterprise systems. (See above, this is not a prediction but rather a reflection on what already is. Intel buying McAfee was evidence of this, and IT security has been joined at the hip to business operations for the longest time anyway.)

  9. Hackers Feel the Heat: The hacking industry will consolidate as amateurs shut down and larger, organized groups consolidate. (Erm, again, not a prediction but a current reality methinks.)

  10. Convergence of Data Security and Privacy Regulation: As more governments implement data security and privacy laws, convergence will take place worldwide. (Convergence is defined, in my book, as a common agreement or view. To be honest, I cannot see data security and privacy regulation moving toward any globally similar view next year nor in the next decade. This is, I think, less of a trending prediction and more of a security daydream!)


Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.