Home > Uncategorized > Predictions for 2008

Predictions for 2008

The year 2008 is right around the corner and with it new, very significant information security-related events, some of them good, some of them bad, will undoubtedly occur. Based on trends that I’ve been tracking, I’d like to make the following predictions

1. Cybersecurity legislation regarding prompt notification of individuals potentially affected by data security breaches will be signed into law in the US. Other major cybersecurity-related legislation will, however, once again fail.

2. Fewer worms and viruses will surface in the wild–a continuation of the present trend.

3. Vendors of eVoting machines will greatly improve the out-of-the-box security of their products to the point that they will be widely deployed with far less concern for their security than has surfaced so far.

4. There will be a proliferation of rootkits, particularly kernel-level rootkits and rootkits that work as spyware, to the point that a surprisingly large percentage of systems that connect to the Internet will be rootkit-infected without the knowledge of either users or system administrators.

5. Attackers will continue to shift their focus from attacking Windows systems and towards attacking Linux and Macintosh systems.

6. An attacker or group of attackers will for the first time succeed in their attempts to bring the entire Internet down for a period of several hours or possibly even longer.

7. The trend of CISOs reporting to executive-level management will accelerate due to the increasing importance of information security within organizations.

8. PCI-DSS compliance will grow in focus and importance to point that it will become one of the top two or three security issues in security practices of organizations that deal with credit card information. The amount of fines for non-compliance will also proliferate greatly as an increasing number of corporations and organizations are found to be out of compliance.

9. The financial and legal repercussions of TJX’s data security breaches will snowball to the point that this company will be forced to sell itself or to merge with another company just to survive.

10. International cooperation in dealing with computer crime and information security issues in general will grow substantially due to the increasing realization that the overall lack of cooperation that has been too widespread over the years has gotten law enforcement and countries nowhere.

Predictions without explanations are of little value, however, so I will explain these predictions one-by-one in each blog that I write over the next five weeks or so.

Categories: Uncategorized Tags:
  1. No comments yet.
  1. No trackbacks yet.
You must be logged in to post a comment.