Looming Online Security Threats in 2008

It is high time we heightened our attention to the predictability and discovery of attack scenarios and stopped relying on antiquated recognition of known patterns in attacks.

Barnum, Bessimer, Forepaugh, whoever ... it's a fundamental truism.  Everybody's stupid somehow, sometime.  The advent of "Internet Time" really just allows more opportunities for exposing stupidity in a shorter amount of time. 

The security threats are the same as they have always been.  They just appear from different sources or use different sheepskin to hide behind.  And, the response from the security experts is essentially the same as it always is.

1. It is difficult for law to keep up with quick changing business and technology. 2. People take advantage of the lag is consumer protection.

Most if not every PC user knows they need some form of malware protection and most if not all PCs ship with some form of malware protection. So our PCs are pretty safe these days. But most people who use MySpace have no idea that they need protection when on MySpace (or FaceBook or any other "social" website).

Continuing development of online business will exert extra pressure to ensure that all developing area's of risk are protected. Social engineering is an increasing risk for corporate security as well as personal security. The web becomes as risky as email for security risks

It used to be that you had to watch what you threw out in your trash. Remember those days when you had to tear up and shred any hint of your name on papers that you were throwing out, and tearing up old receipts that had your name on them? Remember the early days of email when AOL and other email services told us not to use your name as part of your email address in order to keep personal information...

In my opinion this article does not introduce anything new to Online Users of the Internet.  Yes, we are all in awe when we some new technology that has surfaced on the Internet.  But the majority of the new technology is simply an enhancement of what has been implemented Online and strictly just needs a little bit of enforcement. The mere fact that many users (both in home and at work)...

After 200 hundred years we have learn nothing. There is nothing secure that isn't in your pocket - you better watch that too. Mars - never been there.

Social Engineering is an age old tool of spy's and new age hackers.  Using access credentials of authorized users is the easiest and less noticeable means to assume controls of technology resources.  "What you have" authentication factor(s) can provide administrators an upper hand in ensuring only authorized users access.

The dangers that lure for governments, enterprise and private citizens grow on a daily basis.Information Security & Awareness are processes that need more attention and governments and corporations have a responsibility here.

Cyber crime / warfare hits both governments, on corporate level and private citizens. And most important an (micro/macro) economy can suffer the aftermath of the risks that these dangers pose.

The implmentation of new technologies such as virtualization, social networking, cryptography, web 2.0 tools and services, and authentiation technologies bring new security challenges.  Data leakage is still top of mind with CISO and CIO.