Despite the increase in government compliance requirements and the proliferation of security tools, companies continue to underestimate the threat from phishing, data loss, and other cyber vulnerabilities, new McAfee CEO David DeWalt said Tuesday.

In a keynote address at the InformationWeek 500 conference in Tucson, DeWalt said "it's amazing how low the awareness is of cybersecurity threats" among both government officials and corporate executives. "As the world has flattened, we've seen a significant amount of emerging threats from increasingly sophisticated groups attacking organizations around the world."

Citing recent highly publicized corporate data breaches that have beset major companies like Ameritrade, Citigroup, and Bank of America, DeWalt said that cybercrime has become a $105 billion business that now surpasses the value of the illegal drug trade worldwide.

Last week Internet stock trading company TD Ameritrade Holding said that one of its databases had been hacked by a thief who obtained personal information on some of its customers. Yesterday, an attorney launching a class-action lawsuit against Ameritrade claimed the online brokerage knew that someone had compromised its database as early as one year ago. An Ameritrade spokeswoman told InformationWeek that all of the company's 6.3 million accounts opened before July 18 of this year were exposed.

Worldwide data losses now represent $40 billion in losses to affected companies and individuals each year, DeWalt says. But law enforcement's ability to find, prosecute, and punish criminals in cyberspace hasn't kept up: "If you rob a 7-Eleven you'll get a much harsher punishment than if you stole millions online," DeWalt remarked. "The cross-border sophistication in tracking and arresting cybercriminals is just not there."

Looking ahead to new forms of threat detection and enterprise data security, DeWalt outlined five major trends that will reshape the security industry and transform how companies secure their corporate and customer information in the next few years.

The first is industry consolidation, as the large number of small vendors become acquired or give way to larger companies. "The security market will go through the same transition that other industries have," DeWalt said. "Right now you've got 50 or 60 vendors out there, and customers are faced with the questions of how do you integrate all those solutions, and create interoperability between them? It's not sustainable."

With vendor consolidation will come the transition from multiple security agents on desktops and laptops to what McAfee terms "unified threat management," with a "single pane of glass" that allows IT managers to monitor and manage systems and devices across the entire network through a single console or platform.