Government // Mobile & Wireless
01:14 PM
Keith Ferrell
Keith Ferrell
Connect Directly
Repost This

2011: Hackers' New Year

The new year brings plenty of the same old security challenges and problems, as well as some new mash-ups of old attacks.

The new year brings plenty of the same old security challenges and problems, as well as some new mash-ups of old attacks.With the new year -- the new decade -- just a couple of days old, it's already clear that whatever else 2011 brings, relaxation of the threat environment isn't likely, Dark Reading's Tim Wilson recently took a good look at the top threats you're likely face in the months ahead. Tim's top three picks:

1. Social Media: No news here, but a warning well worth repeating to all of your employees. Facebook, Twitter and the lesser players are prime hunting grounds for cybercrooks, and the increasing use of social nets by legit businesses will only serve to increase the energy attackers use when prowling for marks among the friends and followers.

Your best move -- short of banning social networking at work altogether -- is tighten your usage policies, and remind employees never to give up personal or business information to requests arriving via a social network (or via a link followed from with a net).

2. Mobile Devices: The smarter and more capable the mobile device, the likelier your people are to use it for business purposes... and the more appealing a target the device becomes.

Best move: Extend your device and data policies -- and defensive strategies and tools -- to every device that touches business data, and make sure employees' personal devices used for business purposes are included.

3. Smarter, More Complex Attacks: While old favorites -- brute force phishing, spoofing, etc. -- won't go away, the next wave of attacks is likely to be more sophisticated, involve a variety of techniques, and target critical systems.

Best moves: Make sure your security teams -- or vendors -- are as engaged with constant awareness, education and updating as they are with maintaining strong defenses against last year's threats and threat vectors.

The old threats won't go away -- and unfortunately neither will the behaviors that made them effective.

But unless you and your security personnel and policies are aggressively monitoring for the new threats, your new year will be anything but happy.

Comment  | 
Print  | 
More Insights
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Government, May 2014
Protecting Critical Infrastructure: A New Approach NIST's cyber-security framework gives critical-infrastructure operators a new tool to assess readiness. But will operators put this voluntary framework to work?
Twitter Feed
Audio Interviews
Archived Audio Interviews
GE is a leader in combining connected devices and advanced analytics in pursuit of practical goals like less downtime, lower operating costs, and higher throughput. At GIO Power & Water, CIO Jim Fowler is part of the team exploring how to apply these techniques to some of the world's essential infrastructure, from power plants to water treatment systems. Join us, and bring your questions, as we talk about what's ahead.