SlideShare uma empresa Scribd logo
1 de 12
Baixar para ler offline
Internet Security Predictions for 2011:
The Shape of Things to Come
1. Critical Infrastructure To Be Increasingly Targeted By
Cyber Threats, but Governments Will Be Slow to React

                                                            2
Critical Infrastructure To Be Increasingly Targeted By Cyber
Threats, but Governments Will Be Slow to React

• Stuxnet – a computer virus designed to modify the behavior of
  hardware systems to create a physical, real-world impact – has
  opened Pandora’s Box. Additional attacks targeting critical
  infrastructure will occur in 2011.
• A high level of awareness among critical infrastructure
  providers of the new class of threats that exist will push these
  providers to move forward with cybersecurity precautions in
  2011.
• Given the recent widespread changeover in the U.S. Congress
  after November’s elections, it is unlikely that we will see much
  movement in this regard from the government this year. Critical
  Infrastructure Protection legislation and government initiatives
  in other countries also face challenges.
                                                                     3
2. Cyber Attacks to Become More Frequent, More
Targeted and More Impactful

                                                 4
Cyber Attacks to Become More Frequent, More Targeted and
More Impactful
• Last January Hydraq, a.k.a Aurora, provided a high-profile example of
  a growing class of highly targeted threats that seek to infiltrate either
  specific organizations or a particular type of computer system. These
  attacks take advantage of previously unknown software
  vulnerabilities and are also known as “Zero-day vulnerabilities”
  because they occur a day before (the “zeroth” day) developers are
  aware of them. As these targeted threats gain momentum in 2011,
  we will witness more zero-day vulnerabilities coming to light in the
  next 12 months than in any other previous year.
• Since no one but the bad guys are aware of these security “holes”
  prior to the attack, using zero-day vulnerabilities is an effective means
  to improve an attacker’s odds that the targeted device(s) or
  computer(s) will be largely defenseless against their assault.
• In 2009 Symantec observed a total of 12 of these zero-day
  vulnerabilities. As of early November 2010, Symantec has already
  tracked 18 previously unknown security vulnerabilities. Nearly half of
  these – possibly more – have been used by targeted threats such as
  Stuxnet, Hydraq, Sykipot and Pirpi.

                                                                          5
3. Adoption of Smartphones Blur the Line Between
Business and Personal

                                                   6
Adoption of Smartphones Blur the Line Between Business and
Personal
• Gartner Research predicts that, by year’s end, 1.2 billion people will be using
  mobile phones capable of rich Web connectivity. In 2011, businesses will
  have to adopt new security models to keep the sensitive data on (and
  accessible through) these devices safe.
• Increasingly, the same mobile devices are being used for both personal and
  business use. This creates complex security and management challenges for
  three key groups: Consumers, Information Technology (IT) organizations,
  and communication service providers.
• As devices grow more sophisticated and their adoption more prolific, it is
  inevitable that attackers will home in on mobile devices and that they will
  become a leading source of confidential data loss.
• Research by Mocana, a security software company that delivers
  comprehensive protection for “smart” devices, indicates attacks against
  smart mobile devices already require (or will require by year’s end) the
  regular attention of IT staff for 65 percent of organizations surveyed. In
  2011, businesses will have to address this issue by adopting new security
  solutions that will work seamlessly across multiple platforms and devices.
                                                                                    7
4. New Laws Lead Businesses to Adopt Better Security
Mitigation

                                                       8
New Laws Lead Businesses to Adopt Better Security
• The explosion of mobile devices not only means organizations will face new
  challenges in keeping these devices and the sensitive data on them safe;
  they also must comply with a veritable alphabet soup of regulatory
  compliance standards.
• The Ponemon Institute’s 2010 Annual Study: U.S. Enterprise Encryption
  Trends study revealed that, for the first time, regulatory compliance has
  surpassed data breach mitigation as the top reason why organizations
  deploy encryption technologies (Technologies which allow you to scramble
  data into an unreadable form to ensure privacy).
• Despite regulations, many organizations still do not disclose when mobile
  devices containing sensitive data are lost. In fact, employees do not always
  report these lost devices to their organizations. This year, we expect
  regulators will start cracking down on this issue.
• In 2011, we will see organizations across the board take a more proactive
  approach to data protection with the adoption of encryption technology in
  order to meet compliance standards and avoid the heavy fines, and damage
  to their brands, that a data breach can cause.

                                                                                 9
5. Politically Motivated Cyber Warfare to Increase


                                                     10
Politically Motivated Cyber Warfare to Increase
• A recent Symantec study found that more than half of all firms
  surveyed said they suspected, or were pretty sure, that they had
  experienced an attack waged with a specific political goal in mind.
• In the past, politically motivated attacks primarily fell in the realm of
  cyber espionage or denial of service-type attacks against Web
  services (where a large group of computers under the control of a
  cybercriminal simultaneously are made to visit a particular website,
  causing it to crash). However, Stuxnet has opened Pandora’s Box.
  Expect to see these threats move beyond spy games and annoyances
  as online threats become “weaponized,” with the goal to cause real-
  world damage.
• Symantec thinks Stuxnet is possibly just the first highly visible
  indication of attempts at what some might call “cyber warfare” that
  have been happening for some time now. In 2011, more indications
  of the ongoing pursuit to control the digital arms race will come to
  light.


                                                                              11
Thank you!
To read more about these trend predictions, please visit:
http://www.symantec.com/connect/blogs/internet-
security-predictions-2011-shape-things-
come?om_ext_cid=biz_socmed_twitter_facebook_marke
twire_linkedin_2010Nov_EOYcampaign
Copyright © 2010 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in
the U.S. and other countries. Other names may be trademarks of their respective owners.

This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied,
are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.


                                                                                                                                                                                        12

Mais conteúdo relacionado

Mais de Symantec

Symantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure ITSymantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure ITSymantec
 
Symantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own ITSymantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own ITSymantec
 
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)Symantec
 
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CKSymantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CKSymantec
 
Symantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec
 
Symantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat ReportSymantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat ReportSymantec
 
Symantec Cloud Security Threat Report
Symantec Cloud Security Threat ReportSymantec Cloud Security Threat Report
Symantec Cloud Security Threat ReportSymantec
 
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...Symantec
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec
 
Symantec Webinar | Tips for Successful CASB Projects
Symantec Webinar |  Tips for Successful CASB ProjectsSymantec Webinar |  Tips for Successful CASB Projects
Symantec Webinar | Tips for Successful CASB ProjectsSymantec
 
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?Symantec
 
Symantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year OnSymantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year OnSymantec
 
Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019Symantec
 
Symantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front LinesSymantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front LinesSymantec
 
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec
 
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...Symantec
 
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy BearSymantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy BearSymantec
 
GDPR Breach Notification Demystifying What the Regulators Want
GDPR Breach Notification Demystifying What the Regulators WantGDPR Breach Notification Demystifying What the Regulators Want
GDPR Breach Notification Demystifying What the Regulators WantSymantec
 
Symantec Internet Security Threat Report (ISTR) 23 Webinar
Symantec Internet Security Threat Report (ISTR) 23 WebinarSymantec Internet Security Threat Report (ISTR) 23 Webinar
Symantec Internet Security Threat Report (ISTR) 23 WebinarSymantec
 
Symantec Webinar Part 6 of 6 GDPR Compliance, Breach Notification, Detection,...
Symantec Webinar Part 6 of 6 GDPR Compliance, Breach Notification, Detection,...Symantec Webinar Part 6 of 6 GDPR Compliance, Breach Notification, Detection,...
Symantec Webinar Part 6 of 6 GDPR Compliance, Breach Notification, Detection,...Symantec
 

Mais de Symantec (20)

Symantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure ITSymantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure IT
 
Symantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own ITSymantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own IT
 
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
 
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CKSymantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
 
Symantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec Mobile Security Webinar
Symantec Mobile Security Webinar
 
Symantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat ReportSymantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat Report
 
Symantec Cloud Security Threat Report
Symantec Cloud Security Threat ReportSymantec Cloud Security Threat Report
Symantec Cloud Security Threat Report
 
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
 
Symantec Webinar | Tips for Successful CASB Projects
Symantec Webinar |  Tips for Successful CASB ProjectsSymantec Webinar |  Tips for Successful CASB Projects
Symantec Webinar | Tips for Successful CASB Projects
 
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
 
Symantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year OnSymantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year On
 
Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019
 
Symantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front LinesSymantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front Lines
 
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
 
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
 
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy BearSymantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
 
GDPR Breach Notification Demystifying What the Regulators Want
GDPR Breach Notification Demystifying What the Regulators WantGDPR Breach Notification Demystifying What the Regulators Want
GDPR Breach Notification Demystifying What the Regulators Want
 
Symantec Internet Security Threat Report (ISTR) 23 Webinar
Symantec Internet Security Threat Report (ISTR) 23 WebinarSymantec Internet Security Threat Report (ISTR) 23 Webinar
Symantec Internet Security Threat Report (ISTR) 23 Webinar
 
Symantec Webinar Part 6 of 6 GDPR Compliance, Breach Notification, Detection,...
Symantec Webinar Part 6 of 6 GDPR Compliance, Breach Notification, Detection,...Symantec Webinar Part 6 of 6 GDPR Compliance, Breach Notification, Detection,...
Symantec Webinar Part 6 of 6 GDPR Compliance, Breach Notification, Detection,...
 

Último

Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGSujit Pal
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 

Último (20)

Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 

Internet Security Predictions for 2011

  • 1. Internet Security Predictions for 2011: The Shape of Things to Come
  • 2. 1. Critical Infrastructure To Be Increasingly Targeted By Cyber Threats, but Governments Will Be Slow to React 2
  • 3. Critical Infrastructure To Be Increasingly Targeted By Cyber Threats, but Governments Will Be Slow to React • Stuxnet – a computer virus designed to modify the behavior of hardware systems to create a physical, real-world impact – has opened Pandora’s Box. Additional attacks targeting critical infrastructure will occur in 2011. • A high level of awareness among critical infrastructure providers of the new class of threats that exist will push these providers to move forward with cybersecurity precautions in 2011. • Given the recent widespread changeover in the U.S. Congress after November’s elections, it is unlikely that we will see much movement in this regard from the government this year. Critical Infrastructure Protection legislation and government initiatives in other countries also face challenges. 3
  • 4. 2. Cyber Attacks to Become More Frequent, More Targeted and More Impactful 4
  • 5. Cyber Attacks to Become More Frequent, More Targeted and More Impactful • Last January Hydraq, a.k.a Aurora, provided a high-profile example of a growing class of highly targeted threats that seek to infiltrate either specific organizations or a particular type of computer system. These attacks take advantage of previously unknown software vulnerabilities and are also known as “Zero-day vulnerabilities” because they occur a day before (the “zeroth” day) developers are aware of them. As these targeted threats gain momentum in 2011, we will witness more zero-day vulnerabilities coming to light in the next 12 months than in any other previous year. • Since no one but the bad guys are aware of these security “holes” prior to the attack, using zero-day vulnerabilities is an effective means to improve an attacker’s odds that the targeted device(s) or computer(s) will be largely defenseless against their assault. • In 2009 Symantec observed a total of 12 of these zero-day vulnerabilities. As of early November 2010, Symantec has already tracked 18 previously unknown security vulnerabilities. Nearly half of these – possibly more – have been used by targeted threats such as Stuxnet, Hydraq, Sykipot and Pirpi. 5
  • 6. 3. Adoption of Smartphones Blur the Line Between Business and Personal 6
  • 7. Adoption of Smartphones Blur the Line Between Business and Personal • Gartner Research predicts that, by year’s end, 1.2 billion people will be using mobile phones capable of rich Web connectivity. In 2011, businesses will have to adopt new security models to keep the sensitive data on (and accessible through) these devices safe. • Increasingly, the same mobile devices are being used for both personal and business use. This creates complex security and management challenges for three key groups: Consumers, Information Technology (IT) organizations, and communication service providers. • As devices grow more sophisticated and their adoption more prolific, it is inevitable that attackers will home in on mobile devices and that they will become a leading source of confidential data loss. • Research by Mocana, a security software company that delivers comprehensive protection for “smart” devices, indicates attacks against smart mobile devices already require (or will require by year’s end) the regular attention of IT staff for 65 percent of organizations surveyed. In 2011, businesses will have to address this issue by adopting new security solutions that will work seamlessly across multiple platforms and devices. 7
  • 8. 4. New Laws Lead Businesses to Adopt Better Security Mitigation 8
  • 9. New Laws Lead Businesses to Adopt Better Security • The explosion of mobile devices not only means organizations will face new challenges in keeping these devices and the sensitive data on them safe; they also must comply with a veritable alphabet soup of regulatory compliance standards. • The Ponemon Institute’s 2010 Annual Study: U.S. Enterprise Encryption Trends study revealed that, for the first time, regulatory compliance has surpassed data breach mitigation as the top reason why organizations deploy encryption technologies (Technologies which allow you to scramble data into an unreadable form to ensure privacy). • Despite regulations, many organizations still do not disclose when mobile devices containing sensitive data are lost. In fact, employees do not always report these lost devices to their organizations. This year, we expect regulators will start cracking down on this issue. • In 2011, we will see organizations across the board take a more proactive approach to data protection with the adoption of encryption technology in order to meet compliance standards and avoid the heavy fines, and damage to their brands, that a data breach can cause. 9
  • 10. 5. Politically Motivated Cyber Warfare to Increase 10
  • 11. Politically Motivated Cyber Warfare to Increase • A recent Symantec study found that more than half of all firms surveyed said they suspected, or were pretty sure, that they had experienced an attack waged with a specific political goal in mind. • In the past, politically motivated attacks primarily fell in the realm of cyber espionage or denial of service-type attacks against Web services (where a large group of computers under the control of a cybercriminal simultaneously are made to visit a particular website, causing it to crash). However, Stuxnet has opened Pandora’s Box. Expect to see these threats move beyond spy games and annoyances as online threats become “weaponized,” with the goal to cause real- world damage. • Symantec thinks Stuxnet is possibly just the first highly visible indication of attempts at what some might call “cyber warfare” that have been happening for some time now. In 2011, more indications of the ongoing pursuit to control the digital arms race will come to light. 11
  • 12. Thank you! To read more about these trend predictions, please visit: http://www.symantec.com/connect/blogs/internet- security-predictions-2011-shape-things- come?om_ext_cid=biz_socmed_twitter_facebook_marke twire_linkedin_2010Nov_EOYcampaign Copyright © 2010 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice. 12