SlideShare a Scribd company logo
1 of 12
Download to read offline
Internet Security Predictions for 2011:
The Shape of Things to Come
1. Critical Infrastructure To Be Increasingly Targeted By
Cyber Threats, but Governments Will Be Slow to React

                                                            2
Critical Infrastructure To Be Increasingly Targeted By Cyber
Threats, but Governments Will Be Slow to React

• Stuxnet – a computer virus designed to modify the behavior of
  hardware systems to create a physical, real-world impact – has
  opened Pandora’s Box. Additional attacks targeting critical
  infrastructure will occur in 2011.
• A high level of awareness among critical infrastructure
  providers of the new class of threats that exist will push these
  providers to move forward with cybersecurity precautions in
  2011.
• Given the recent widespread changeover in the U.S. Congress
  after November’s elections, it is unlikely that we will see much
  movement in this regard from the government this year. Critical
  Infrastructure Protection legislation and government initiatives
  in other countries also face challenges.
                                                                     3
2. Cyber Attacks to Become More Frequent, More
Targeted and More Impactful

                                                 4
Cyber Attacks to Become More Frequent, More Targeted and
More Impactful
• Last January Hydraq, a.k.a Aurora, provided a high-profile example of
  a growing class of highly targeted threats that seek to infiltrate either
  specific organizations or a particular type of computer system. These
  attacks take advantage of previously unknown software
  vulnerabilities and are also known as “Zero-day vulnerabilities”
  because they occur a day before (the “zeroth” day) developers are
  aware of them. As these targeted threats gain momentum in 2011,
  we will witness more zero-day vulnerabilities coming to light in the
  next 12 months than in any other previous year.
• Since no one but the bad guys are aware of these security “holes”
  prior to the attack, using zero-day vulnerabilities is an effective means
  to improve an attacker’s odds that the targeted device(s) or
  computer(s) will be largely defenseless against their assault.
• In 2009 Symantec observed a total of 12 of these zero-day
  vulnerabilities. As of early November 2010, Symantec has already
  tracked 18 previously unknown security vulnerabilities. Nearly half of
  these – possibly more – have been used by targeted threats such as
  Stuxnet, Hydraq, Sykipot and Pirpi.

                                                                          5
3. Adoption of Smartphones Blur the Line Between
Business and Personal

                                                   6
Adoption of Smartphones Blur the Line Between Business and
Personal
• Gartner Research predicts that, by year’s end, 1.2 billion people will be using
  mobile phones capable of rich Web connectivity. In 2011, businesses will
  have to adopt new security models to keep the sensitive data on (and
  accessible through) these devices safe.
• Increasingly, the same mobile devices are being used for both personal and
  business use. This creates complex security and management challenges for
  three key groups: Consumers, Information Technology (IT) organizations,
  and communication service providers.
• As devices grow more sophisticated and their adoption more prolific, it is
  inevitable that attackers will home in on mobile devices and that they will
  become a leading source of confidential data loss.
• Research by Mocana, a security software company that delivers
  comprehensive protection for “smart” devices, indicates attacks against
  smart mobile devices already require (or will require by year’s end) the
  regular attention of IT staff for 65 percent of organizations surveyed. In
  2011, businesses will have to address this issue by adopting new security
  solutions that will work seamlessly across multiple platforms and devices.
                                                                                    7
4. New Laws Lead Businesses to Adopt Better Security
Mitigation

                                                       8
New Laws Lead Businesses to Adopt Better Security
• The explosion of mobile devices not only means organizations will face new
  challenges in keeping these devices and the sensitive data on them safe;
  they also must comply with a veritable alphabet soup of regulatory
  compliance standards.
• The Ponemon Institute’s 2010 Annual Study: U.S. Enterprise Encryption
  Trends study revealed that, for the first time, regulatory compliance has
  surpassed data breach mitigation as the top reason why organizations
  deploy encryption technologies (Technologies which allow you to scramble
  data into an unreadable form to ensure privacy).
• Despite regulations, many organizations still do not disclose when mobile
  devices containing sensitive data are lost. In fact, employees do not always
  report these lost devices to their organizations. This year, we expect
  regulators will start cracking down on this issue.
• In 2011, we will see organizations across the board take a more proactive
  approach to data protection with the adoption of encryption technology in
  order to meet compliance standards and avoid the heavy fines, and damage
  to their brands, that a data breach can cause.

                                                                                 9
5. Politically Motivated Cyber Warfare to Increase


                                                     10
Politically Motivated Cyber Warfare to Increase
• A recent Symantec study found that more than half of all firms
  surveyed said they suspected, or were pretty sure, that they had
  experienced an attack waged with a specific political goal in mind.
• In the past, politically motivated attacks primarily fell in the realm of
  cyber espionage or denial of service-type attacks against Web
  services (where a large group of computers under the control of a
  cybercriminal simultaneously are made to visit a particular website,
  causing it to crash). However, Stuxnet has opened Pandora’s Box.
  Expect to see these threats move beyond spy games and annoyances
  as online threats become “weaponized,” with the goal to cause real-
  world damage.
• Symantec thinks Stuxnet is possibly just the first highly visible
  indication of attempts at what some might call “cyber warfare” that
  have been happening for some time now. In 2011, more indications
  of the ongoing pursuit to control the digital arms race will come to
  light.


                                                                              11
Thank you!
To read more about these trend predictions, please visit:
http://www.symantec.com/connect/blogs/internet-
security-predictions-2011-shape-things-
come?om_ext_cid=biz_socmed_twitter_facebook_marke
twire_linkedin_2010Nov_EOYcampaign
Copyright © 2010 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in
the U.S. and other countries. Other names may be trademarks of their respective owners.

This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied,
are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.


                                                                                                                                                                                        12

More Related Content

More from Symantec

Symantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure ITSymantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure ITSymantec
 
Symantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own ITSymantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own ITSymantec
 
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)Symantec
 
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CKSymantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CKSymantec
 
Symantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec
 
Symantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat ReportSymantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat ReportSymantec
 
Symantec Cloud Security Threat Report
Symantec Cloud Security Threat ReportSymantec Cloud Security Threat Report
Symantec Cloud Security Threat ReportSymantec
 
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...Symantec
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec
 
Symantec Webinar | Tips for Successful CASB Projects
Symantec Webinar |  Tips for Successful CASB ProjectsSymantec Webinar |  Tips for Successful CASB Projects
Symantec Webinar | Tips for Successful CASB ProjectsSymantec
 
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?Symantec
 
Symantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year OnSymantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year OnSymantec
 
Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019Symantec
 
Symantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front LinesSymantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front LinesSymantec
 
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec
 
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...Symantec
 
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy BearSymantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy BearSymantec
 
GDPR Breach Notification Demystifying What the Regulators Want
GDPR Breach Notification Demystifying What the Regulators WantGDPR Breach Notification Demystifying What the Regulators Want
GDPR Breach Notification Demystifying What the Regulators WantSymantec
 
Symantec Internet Security Threat Report (ISTR) 23 Webinar
Symantec Internet Security Threat Report (ISTR) 23 WebinarSymantec Internet Security Threat Report (ISTR) 23 Webinar
Symantec Internet Security Threat Report (ISTR) 23 WebinarSymantec
 
Symantec Webinar Part 6 of 6 GDPR Compliance, Breach Notification, Detection,...
Symantec Webinar Part 6 of 6 GDPR Compliance, Breach Notification, Detection,...Symantec Webinar Part 6 of 6 GDPR Compliance, Breach Notification, Detection,...
Symantec Webinar Part 6 of 6 GDPR Compliance, Breach Notification, Detection,...Symantec
 

More from Symantec (20)

Symantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure ITSymantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure IT
 
Symantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own ITSymantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own IT
 
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
 
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CKSymantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
 
Symantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec Mobile Security Webinar
Symantec Mobile Security Webinar
 
Symantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat ReportSymantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat Report
 
Symantec Cloud Security Threat Report
Symantec Cloud Security Threat ReportSymantec Cloud Security Threat Report
Symantec Cloud Security Threat Report
 
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
 
Symantec Webinar | Tips for Successful CASB Projects
Symantec Webinar |  Tips for Successful CASB ProjectsSymantec Webinar |  Tips for Successful CASB Projects
Symantec Webinar | Tips for Successful CASB Projects
 
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
 
Symantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year OnSymantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year On
 
Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019
 
Symantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front LinesSymantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front Lines
 
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
 
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
 
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy BearSymantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
 
GDPR Breach Notification Demystifying What the Regulators Want
GDPR Breach Notification Demystifying What the Regulators WantGDPR Breach Notification Demystifying What the Regulators Want
GDPR Breach Notification Demystifying What the Regulators Want
 
Symantec Internet Security Threat Report (ISTR) 23 Webinar
Symantec Internet Security Threat Report (ISTR) 23 WebinarSymantec Internet Security Threat Report (ISTR) 23 Webinar
Symantec Internet Security Threat Report (ISTR) 23 Webinar
 
Symantec Webinar Part 6 of 6 GDPR Compliance, Breach Notification, Detection,...
Symantec Webinar Part 6 of 6 GDPR Compliance, Breach Notification, Detection,...Symantec Webinar Part 6 of 6 GDPR Compliance, Breach Notification, Detection,...
Symantec Webinar Part 6 of 6 GDPR Compliance, Breach Notification, Detection,...
 

Recently uploaded

IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfDaniel Santiago Silva Capera
 
20230202 - Introduction to tis-py
20230202 - Introduction to tis-py20230202 - Introduction to tis-py
20230202 - Introduction to tis-pyJamie (Taka) Wang
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1DianaGray10
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7DianaGray10
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsSeth Reyes
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostMatt Ray
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxGDSC PJATK
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfinfogdgmi
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintMahmoud Rabie
 
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDEADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDELiveplex
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarPrecisely
 
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...DianaGray10
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IES VE
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesDavid Newbury
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfDianaGray10
 
Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxBuilding AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxUdaiappa Ramachandran
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaborationbruanjhuli
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1DianaGray10
 
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfJamie (Taka) Wang
 

Recently uploaded (20)

IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
 
20230202 - Introduction to tis-py
20230202 - Introduction to tis-py20230202 - Introduction to tis-py
20230202 - Introduction to tis-py
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
 
201610817 - edge part1
201610817 - edge part1201610817 - edge part1
201610817 - edge part1
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and Hazards
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptx
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdf
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership Blueprint
 
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDEADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity Webinar
 
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond Ontologies
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
 
Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxBuilding AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptx
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1
 
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
 

Internet Security Predictions for 2011

  • 1. Internet Security Predictions for 2011: The Shape of Things to Come
  • 2. 1. Critical Infrastructure To Be Increasingly Targeted By Cyber Threats, but Governments Will Be Slow to React 2
  • 3. Critical Infrastructure To Be Increasingly Targeted By Cyber Threats, but Governments Will Be Slow to React • Stuxnet – a computer virus designed to modify the behavior of hardware systems to create a physical, real-world impact – has opened Pandora’s Box. Additional attacks targeting critical infrastructure will occur in 2011. • A high level of awareness among critical infrastructure providers of the new class of threats that exist will push these providers to move forward with cybersecurity precautions in 2011. • Given the recent widespread changeover in the U.S. Congress after November’s elections, it is unlikely that we will see much movement in this regard from the government this year. Critical Infrastructure Protection legislation and government initiatives in other countries also face challenges. 3
  • 4. 2. Cyber Attacks to Become More Frequent, More Targeted and More Impactful 4
  • 5. Cyber Attacks to Become More Frequent, More Targeted and More Impactful • Last January Hydraq, a.k.a Aurora, provided a high-profile example of a growing class of highly targeted threats that seek to infiltrate either specific organizations or a particular type of computer system. These attacks take advantage of previously unknown software vulnerabilities and are also known as “Zero-day vulnerabilities” because they occur a day before (the “zeroth” day) developers are aware of them. As these targeted threats gain momentum in 2011, we will witness more zero-day vulnerabilities coming to light in the next 12 months than in any other previous year. • Since no one but the bad guys are aware of these security “holes” prior to the attack, using zero-day vulnerabilities is an effective means to improve an attacker’s odds that the targeted device(s) or computer(s) will be largely defenseless against their assault. • In 2009 Symantec observed a total of 12 of these zero-day vulnerabilities. As of early November 2010, Symantec has already tracked 18 previously unknown security vulnerabilities. Nearly half of these – possibly more – have been used by targeted threats such as Stuxnet, Hydraq, Sykipot and Pirpi. 5
  • 6. 3. Adoption of Smartphones Blur the Line Between Business and Personal 6
  • 7. Adoption of Smartphones Blur the Line Between Business and Personal • Gartner Research predicts that, by year’s end, 1.2 billion people will be using mobile phones capable of rich Web connectivity. In 2011, businesses will have to adopt new security models to keep the sensitive data on (and accessible through) these devices safe. • Increasingly, the same mobile devices are being used for both personal and business use. This creates complex security and management challenges for three key groups: Consumers, Information Technology (IT) organizations, and communication service providers. • As devices grow more sophisticated and their adoption more prolific, it is inevitable that attackers will home in on mobile devices and that they will become a leading source of confidential data loss. • Research by Mocana, a security software company that delivers comprehensive protection for “smart” devices, indicates attacks against smart mobile devices already require (or will require by year’s end) the regular attention of IT staff for 65 percent of organizations surveyed. In 2011, businesses will have to address this issue by adopting new security solutions that will work seamlessly across multiple platforms and devices. 7
  • 8. 4. New Laws Lead Businesses to Adopt Better Security Mitigation 8
  • 9. New Laws Lead Businesses to Adopt Better Security • The explosion of mobile devices not only means organizations will face new challenges in keeping these devices and the sensitive data on them safe; they also must comply with a veritable alphabet soup of regulatory compliance standards. • The Ponemon Institute’s 2010 Annual Study: U.S. Enterprise Encryption Trends study revealed that, for the first time, regulatory compliance has surpassed data breach mitigation as the top reason why organizations deploy encryption technologies (Technologies which allow you to scramble data into an unreadable form to ensure privacy). • Despite regulations, many organizations still do not disclose when mobile devices containing sensitive data are lost. In fact, employees do not always report these lost devices to their organizations. This year, we expect regulators will start cracking down on this issue. • In 2011, we will see organizations across the board take a more proactive approach to data protection with the adoption of encryption technology in order to meet compliance standards and avoid the heavy fines, and damage to their brands, that a data breach can cause. 9
  • 10. 5. Politically Motivated Cyber Warfare to Increase 10
  • 11. Politically Motivated Cyber Warfare to Increase • A recent Symantec study found that more than half of all firms surveyed said they suspected, or were pretty sure, that they had experienced an attack waged with a specific political goal in mind. • In the past, politically motivated attacks primarily fell in the realm of cyber espionage or denial of service-type attacks against Web services (where a large group of computers under the control of a cybercriminal simultaneously are made to visit a particular website, causing it to crash). However, Stuxnet has opened Pandora’s Box. Expect to see these threats move beyond spy games and annoyances as online threats become “weaponized,” with the goal to cause real- world damage. • Symantec thinks Stuxnet is possibly just the first highly visible indication of attempts at what some might call “cyber warfare” that have been happening for some time now. In 2011, more indications of the ongoing pursuit to control the digital arms race will come to light. 11
  • 12. Thank you! To read more about these trend predictions, please visit: http://www.symantec.com/connect/blogs/internet- security-predictions-2011-shape-things- come?om_ext_cid=biz_socmed_twitter_facebook_marke twire_linkedin_2010Nov_EOYcampaign Copyright © 2010 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice. 12