Cyber-Disaster a 'Whisker Away' in RSA CEO's 2013 Security Forecast
Hackers Continue to Get More Sophisticated
"Evidence of criminals collaborating with rogue nation-states, exchanging methodologies, buying and selling information, and even subcontracting their respective capabilities expands their collective reach and enhances their mutual learning curves."
As Mobility Grows, Perimeters Get Weaker
"Our attack surfaces will continue to expand and any remaining semblance of a perimeter will continue to wither away. Both will surely happen. My EMC colleague Chuck Hollis [vice president and global marketing CTO] in his set of themes for 2013 says that next year organizations will come to terms with the pervasiveness of mobility and start to catch up on the offering of services to their users. Bingo: wider attack surfaces. In addition, and somewhat needless to say, but I'll say it anyway—the slow but steady march to cloud-oriented services will once again expand attack surfaces at the expense of the perimeter."
Critical Skills Shortage Continues
"These changes will occur whether security teams are ready or not. In too many cases, not. There is a critical skills shortage of security professionals and many organizations can't keep up. High schools, colleges and universities need to be aware of this gap and program accordingly."
Governments Continue to Dawdle on Privacy Legislation
"National governments will continue to diddle or, should I say, fiddle (while Rome burns), failing to legislate on rules of evidence, information sharing and the reforming of privacy laws. Lack of privacy reform is particularly troublesome based on today's realities because many organizations have literally been put in the position of violating one set of privacy laws if they take the necessary steps to protect information, which they are legally obligated to do based on another set of privacy laws. Confused? So am I, but how would you like to be confused—and liable?"
We May Be Closer to Catastrophe Than We Know
"I abhor the phrase 'Cyber Pearl Harbor' because I think it is a poor metaphor to describe the state I believe we are in. However, I genuinely believe we are only a whisker away from some form of lesser catastrophic event that could do damage to the world economy or critical infrastructure."
Rogue States May Get More Disruptive
"It is highly likely that a rogue nation-state, hacktivists or even terrorists will move beyond intrusion and espionage to attempt meaningful disruption and eventually even destruction of critical infrastructure. If all of this sounds depressing, well, it is. This isn't fear-mongering; it is a plausible extrapolation from the facts. But we can change the trajectory. There is already a tectonic shift under way from a perimeter to an intelligence-based security model. In an age where breaches are probable, if not inevitable, organizations are realizing that static, siloed, perimeter defenses are ineffective against the evolving threat landscape. Only an intelligence-based model that is risk-oriented and situationally aware can be resilient enough to minimize or eliminate the effects of attacks."
Good News: Security Experts Moving to New Models
"Despite all of the above, there is good security news coming. Responsible people in organizations from all verticals, industries and governments will move to that newer intelligence-based security model and pressure governments to act on our collective behalf."
Cloud Security Investments Will Grow
"I also predict a significant uptake in investment for cloud-oriented security services to mitigate the effects of that serious shortage in cyber-security skills."
A New Intelligence-Based Security Model
"Big data analytics will be used to enable an intelligence-based security model. Big data will transform security enabling true defense in depth against a highly advanced threat environment."
Like Cash, Collaboration Is King
"One final note: If we want to avoid going over the 'security cliff' and really want change we can believe in, we must act more collaboratively and decisively than ever before. The stakes are getting too high for us to wait another year."