More censorship, data breaches and devices: Security predictions for 2011

This past year has been a doozy in the security world. We kicked off the year by discovering operation Aurora, saw the first national-industrial sabotage attack with Stuxnet and are closing the year with Wikileaks about to become a constitutional crisis between the First amendment and a 1917 espionage law. Reality has well and truly become weirder than fiction.

Let me dive in and make some predictions for security in 2011:

Device explosion: Continuing from 2010, consumer devices flood corporate networks with security professionals trying to come to grips with all the new risks introduced. The good old days of only worrying about Windows are truly gone. Tablets, smartphones and other devices will push the ratio of devices/people well past 1-to-1. Desktop virtualization will expand a lot beyond just laptops and thin clients if we want to secure data on mobile devices.

Internet censorship and control: The "free" Internet is annoying too many governments and corporations. In 2011, the U.S. government will try much harder to impose controls, censorship, prior restraint and eavesdropping on the Internet. Expect to see unconstitutional laws passed and then challenged. Freedom of speech is far less popular in practice than it is in the abstract and it will be up to a small minority to vigorously resist pressure to abandon principles of free speech, net neutrality and content neutrality.

Breach notification: Gradually and with little noise, breach notification has become the highest impact regulation. Forget fines - just buying credit monitoring and sending letters to the 500,000 people whose identities you lost can cost tens of millions of dollars and wipe out your business. Breach notification cost scales with the size of the database you lose, yet your security budget and controls do not. Your only hope might be to buy insurance. Expect more businesses to disclose massive losses and then face massive notification costs.

Cloud computing privacy: In 2011, cloud computing (IaaS, PaaS or SaaS) adoption becomes big enough that you have the first legal skirmishes over the "expectation of privacy" in such environments. The feds will try to grab data without warrants. Hopefully, the service providers will push back. Either way, the legal parameters around ownership, privacy and lawful search & seizure will become better defined through legal precedent. Let's hope the new parameters don't make cloud unusable for anything other than Farmville.

Identity: Identity management, federated identity and identity-based controls continue to rise in importance, eclipsing location-based security. Mobile users and systems demand this new paradigm and the market is gradually responding. Cloud computing will only make the need for robust identity even more obvious and pressing.

Consolidation: The security market is incredibly fragmented, but it has been consolidating for years. Expect that consolidation to accelerate in 2011, as economic conditions and the IPO-disincentive of SOX make more companies opt for innovation-through-acquisition. Once again, customers are left with impossible choices: standardize on an incomplete suite of products from one vendor or try to integrate multiple vendors without any worthwhile open standards to do so. End up with swivel-chair management (multiple management consoles) either way.

While these predictions might provide a road map for upcoming trends, the security industry is punctuated by the unexpected, the disruptive and the outright extraordinary. That's the nature of an adversarial innovation arms race and that means plenty of good material for discussion. Happy New Year and thanks for reading!

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags firewallsConfiguration / maintenancesecuritydata breachhardware systemsData Centercloud computinginternetnetwork security

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Andreas M. Antonopoulos

Network World
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Matthew Stivala

HP OfficeJet 250 Mobile Printer

The HP OfficeJet 250 Mobile Printer is a great device that fits perfectly into my fast paced and mobile lifestyle. My first impression of the printer itself was how incredibly compact and sleek the device was.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?