With industrialized hacking on the rise, organizations serious about protecting their data must take proactive measures if they expect to win the war against cybercriminals. That’s Imperva CTO Amichai Shulman’s straight-forward message to applications owners everywhere and lists some real trends that are threatening businesses everywhere. My take, this is a good list, but while proactive is good, protective is better.
In this week’s TechJournal South article, “Industrialized hacking tops five data security trends for 2010″, Mr. Shulman’s data security firm listed its top five security predictions for 2010:
- The hacking community will form a supply chain resembling that of drug cartels. Their weapons of choice? Automated malware distributed via botnets.
- Cybercriminals will continue to focus on new ways to bypass existing security measures.
- Increased attacks on social networking sites susceptible to phishing attacks and malware.
- An increase in email password theft/grabbing attacks to apply to other applications such as online banking accounts.
- A move from reactive to proactive security as organizations actively seek holes and plugging them.
This list is a good one and makes sense. The threats that Mr. Shulman enumerates are serious and can do tremendous damage to an organization. Where I disagree is in what the trend will be for organizations to address these threats. Proactive security sounds good, but really is nothing new. Seeking holes and plugging them is the combined vulnerability scanning and patching strategy that burns company resources, results in fire drills and ultimately is ineffective at providing comprehensive protection against new attacks.
Companies more than ever need real protection not just proactive security. That is why application whitelisting is gaining such mindshare and traction. Protection means that the urgency of finding holes and filling them is lessened because despite the flawed nature of software development, endpoints are protected in spite of these flaws. It’s time to move beyond software and processes that rely upon finding either vulnerabilities or creating signatures for malware that has already been created. That is security for yesterday’s threats. We need protection against all the threats yet to come.