State-sponsored cyber attacks, like the Stuxnet worm, will build on concepts and techniques from the commercial hacker industry to create more powerful Advanced Persistent Threats (APT), according to data security provider Imperva’s report on top ten information security trends expected in 2011.
Imperva’s research team predicts IT security professionals will see greater transparency around insider security breaches and increased incident reporting as a result of new regulations covering the act of notification and disclosure.
The report also stated that increase in Man-in-the-Browser (MitB) attacks will create growing concern for online service providers who must be able to serve and protect customers infected with some form of malware.
Increase in social network security measures will be seen among prominent social networks and tools, placing greater emphasis on security over privacy as threat intelligence improves.
Emphasis will be more on file security in anticipation of data breaches where compromised data is in the form of files rather than database records, while compromised mobile devices resulting in data theft or loss as a result of lagging security measures.
Cloud-based application and data security technologies will appear as a late reaction to the move of many applications and data stores to cloud technologies, the report added.
Information security will become a business process as CISOs and security professionals will seek to better protect data as it flows through enterprise systems.
The report further stated that hacking industry will consolidate as amateurs are shut down and mergers among larger, organised groups will takes place.
The IT security professionals will see convergence of data security and privacy regulation worldwide and the emergence of a common framework as global businesses struggle to meet multiple, complex mandates, according to the report compiled by Imperva’s Application Defense Center
Imperva CTO Amichai Schulman said the threat landscape will evolve in many directions, making data security more challenging than ever.
"The biggest potential impact will be caused by the proliferation of sophisticated mobile devices interacting with corporate networks, and I believe that next year will bring the first major data breaches as a result of compromised devices," Schulman said.
"Additionally, the evolution of Advanced Persistent Threat techniques will become an even greater threat to organisations as states leverage these tools for their own political and financial gain."