Articles - Page 9

Global Internet Security Outlook

Global security experts see a difficult year ahead for cybercrime issues, according to a compendium of expert predictions released by Risk Bloggers today. Among the key findings of the group, sophisticated criminal organizations will increasingly exploit technology to stay ahead of corporate and consumer defenses and cause unprecedented losses in 2007. Among the key vulnerabilities cited were large groups of zombie computers organized into Botnets, web server security holes and uncontrolled mobile devices, such as smart phones and portable storage.

According to Dave Cullinane, noted Chief Information Security Officer and co-founder of the Alliance for Enterprise Security Risk Management, "Attack methodologies will become dramatically more sophisticated and dangerous. The risk of cyber-terrorism will continue to increase as world tensions increase. Lack of preparation and plans to deal with the consequences place countries and businesses at significant risk." These attacks will often use Botnets, said Ira Winkler, noted security expert and best selling author, "Botnets will create the largest losses and potentially large scale Internet outages. Botnets enable spam, spim, phishing attacks, distributed denial of service attacks, extortion, etc. The attacks result in billions of dollars of thefts, millions of dollars of extortion, and billions of dollars in productivity loss."

A related threat cited by the experts was the problem of web browser security. Caleb Sima, Chief Technology Officer of Atlanta-based security company SPI Dynamics, said the web tools used by software developers are the key enabler for hackers and that in 2007, "The security of the web application becomes the #1 concentration of security teams". In addition, corporations are increasingly losing control of their own networks according to Joel Scambray, noted author and Chief Strategy Officer of Leviathan Security, "..applications and data continue to perforate everything (inbound and out) and mobility proliferates beyond anything we've yet imagined"

None of the experts interviewed expected significant government action to address these issues in 2007. In addition, some experts felt that businesses still lack a basic understanding of the importance of information security and the Chief Information Security Officer (CISO). CISO job security is tenuous according to Scambray, who said to "expect more churn as exec management continues to struggle with how to integrate security as a business imperative rather than a bolt-on."

The 3 items below will definitely keep the bad guys out: