Ten current security trends
In an important speech at Hack in the Box Security Conference held in Kuala Lampua (Malaysia) last month, Bruce Schneiver - chief technology officer of managed security service provider Counterpane Internet Security confirmed. Decree 10 tends to affect information security today.
1. Information is more valuable.
Amazon.com relies on information to make buying and selling books online easy through a one-click purchase system. Similarly, Pets.com's business is also growing rapidly with the view that the company's customer database 'is the most precious thing they have,' Bruce said.
Information is also valuable in access control such as providing single sign-on and authentication for users, enforcing the rules that are prescribed, using information to help find criminals and collecting evidence. .
2. The network becomes a key infrastructure.
Internet is not built to become a key infrastructure. ' This has only happened recently '. High-importance systems are constantly turning to design frameworks for the Internet.
The Internet has helped companies operate more efficiently and easily in interpersonal relations. But there are also real threatening economic dangers in it. ' If the Internet usage is reduced, or a part of the Internet is down, it really affects the economy .'
3. Users do not control their information appropriately
For example, Internet service providers control user information through a record stored on the website that they visit and their email - sent. Also, some mobile distributors save copies of their phone numbers on their servers.
' There are many values in information about you. But you can't control its security even with the most dangerous personal information . '
4. Professional criminal hacking activity is increasing
Hacking is no longer a "phobia" activity. Organized attacks led by professional criminals are increasing with a tendency to profit. 'The nature of the attacks has changed, because their opponents are changing'.
Exploits involving DoS attacks (denial of server) and phishing are two good examples of criminal attacks. Moreover, there is a black market for exploits, allowing attackers to penetrate brain-head IT systems.
5. Complexity is your enemy
' The more complex the system, the lower the level of safety .' Schneirer also calls the Internet the ' most complex machine ever built '.
Advanced features in simple security technology do not keep up with the development of the Internet. ' Security is getting better, but complexity is the cause for the worst things to grow faster .'
6. Attack faster than patch
Exploited vulnerabilities and weaknesses are discovered faster than manufacturers' patching capabilities. In other cases, vulnerabilities in embedded systems such as Cisco System routers cannot be patched, leaving serious vulnerabilities for companies.
7. Worms that produce unprecedented sophistication
They include vulnerability assessment tools, review of integrated security fences to find weaknesses, using Google to intelligently gather information. ' This trend is the result of worms turning themselves into criminals '.
8. The end point is the weakest link
' There will be no problem with your evaluation plan if the remote machine is not reliable '. In many cases, the computer outside of the company's security is the weakest link. These computers are often attacked by worms, spyware . as an opportunity for attackers to exploit.
9. End users can be a threat
Software development companies tend to increase protection against end users. DRM (digital rights management) software is an example. ' As we are seeing, security does not protect users but is protection against users '.
A good example is the case of DRM, installed by Sony Corp. without user permission, the software becomes a threat to end-user computers. ' The principle and regulation around this issue is a great battlefield ,' Schneiver predicts this battle will take place between user-protected computer software and software designed to protect users.
10. Rules will redirect security controls
There is no shortage of guidelines for how a company should control data. Rules such as Sarbanes - Oxley Act will force people to comply with the general security control regime.
T.Thu
- Web security trends: 'kidnapping' and 'fake'
- Deadly fashion trends in history
- Spy on the Internet - No. 1 threat
- See network security struggles like the front
- Malware will adapt to Vista very quickly
- Color trends 2014 - Statistics from Shutterstock
- Future travel trends
- Spam, virus and malware: Highlights in 2007
- Hackers disseminate web browser security flaws
- Popular technology trends in 2009
- 6 technology trends will change the future of humankind
- Evolution is the process of merging opposite trends