9. A Major Insider Theft Scandal Will Surface

Ongoing improvements in network security will encourage organized cybercrime groups to think about the long con. Somewhere next year, expect someone with access to data at a large organization to be caught working for or with a cybercrime group. The Identity Theft Resource Center anticipates a rising number of insider cases because of failure to follow basic workplace security protocols.

Contrarian view: As above, but the organization will be able to hide the incident, at least until 2011. This prediction has the added benefit of being difficult to prove wrong next year.

10. Clickjacking Strikes Back

Zscaler believes that the clickjacking vulnerability -- a way to alter a Web app's user interface to dupe users into clicking on concealed buttons -- will be employed in attacks more frequently. Jeremiah Grossman, founder and CTO of WhiteHat Security, and Robert "RSnake" Hansen, founder and CEO of SecTheory, disclosed information about the technique in October 2008. While some effort has been made to mitigate the risk of clickjacking, Zscaler says the technique can still be effective, particularly in attacks with a social engineering component.

Contrarian view: Why bother ,when you can just launch a window that displays a fake security scan and get clueless users to pay for fake security software? Ignorance is a vulnerability that isn't easy to patch.

For Further Reading:

Top 10 Smartphone Advances Of 2009

Getting Started With Full Disk Encryption

Wolfe's Den Podcast: Trend Micro Takes Security To The Cloud

Rolling Review: PGP Mobile 9.9.0 For Security On The Go

Application mobilization tools are both more effective and more confusing than ever. To develop this report, InformationWeek Analytics polled nearly 700 business technology professionals and interviewed mobile application experts. Download the report here (registration required).