Incident and vulnerability research points to anticipated information security trends
Redwood Shores, CA – November 15, 2010 – Imperva, the global leader in data security, announced today its predictions for the top ten information security trends expected in 2011. The report, compiled by Imperva’s Application Defense Center (ADC), led by CTO Amichai Shulman, is based on analysis of incident and vulnerability data from the past year as well as findings from the company’s Hacker Intelligence Initiative and field work with enterprise customers.
The report is designed to inform and help IT security professionals defend their organization against the next onslaught of cyber security threats. A detailed report is available here.
Imperva's research team predicts IT security professionals will see the following in 2011:
- State-sponsored attacks, like the Stuxnet worm, will build on concepts and techniques from the commercial hacker industry to create more powerful Advanced Persistent Threats (APT).
- Greater transparency around insider security breaches and increased incident reporting as a result of new regulations covering the act of notification and disclosure.
- Increase in Man-in-the-Browser (MitB) Attacks will create growing concern for online service providers who must be able to serve and protect customers infected with some form of malware.
- Social network security measures will increase among prominent social networks and tools, placing greater emphasis on security over privacy as threat intelligence improves.
- Emphasis on file security in anticipation of data breaches where compromised data is in the form of files rather than database records.
- Compromised mobile devices resulting in data theft or loss as a result of lagging security measures such as identification and authentication and the spread of mobile malware.
- Cloud-based application and data security technologies will appear as a late reaction to the move of many applications and data stores to cloud technologies.
- Information security becomes a business process as CISOs and security professionals seek to better protect data as it flows through enterprise systems.
- Hacking industry will consolidate as amateurs are shut down and mergers among larger, organized groups takes place.
- Convergence of data security and privacy regulation worldwide and the emergence of a common framework as global businesses struggle to meet multiple, complex mandates.
"The threat landscape will evolve in many directions, making data security more challenging than ever," said Imperva CTO Amichai Schulman. "The biggest potential impact will be caused by the proliferation of sophisticated mobile devices interacting with corporate networks. I believe that next year will bring the first major data breaches as a result of compromised devices. Additionally, the evolution of Advanced Persistent Threat techniques become an even greater threat to organizations as states leverage these tools for their own political and financial gain."
Imperva is the global leader in data security. With more than 1,300 direct customers and 25,000 cloud customers, Imperva's customers include leading enterprises, government organizations, and managed service providers who rely on Imperva to prevent sensitive data theft from hackers and insiders. The award-winning Imperva SecureSphere is the only solution that delivers full activity monitoring for databases, applications and file systems. For more information, visit www.imperva.com , follow us on Twitter or visit our blog.
# # #
Imperva and SecureSphere are registered trademarks of Imperva, Inc. All other brand or product names are trademarks or registered trademarks of their respective holders.