As we close the door on another year of protecting our networks from the never-ending security threats, I hope the information I’ve provided in this blog has been valuable in your ongoing efforts to make your enterprise more secure. December was a month with a number of articles focused on the larger trends in security in 2009. Here are a few highlights:
Companies experienced some of the largest data breaches in history – Malicious attacks and malware threats exposed data on hundreds of millions of users in 2009. Interestingly, for many companies it was some rather mundane security failures that left organizations vulnerable to malware infections and increase incidents. Some of the more notable articles include:
Patch management continues to be an issue plaguing companies – Microsoft’s record number of security patches throughout its product line in 2009 underscores difficulties of keeping up with security patches. These vulnerabilities continue to be exploited by hackers to gain control of their systems and companies are in a constant catch up game. Several articles on this topic include:
- 5 essential patches of 2009
- Microsoft doesn’t rule out rushed patch for IIS zero-day vulnerability
- Microsoft to address 12 vulnerabilities: IE display zero-day
Malware attacks continue to infect thousands of servers across the Internet – Malware threats such as Gumblar and Zeus continue to bypass even the latest security systems, leaving enterprises unprotected against hackers executing malicious code and spreading malware. Some interesting malware trends include:
- Gumblar Continues to Spread, Thousands of Sites Infected
- Facebook users unwittingly solve CATPCHAs, aid spread of Koobface
Planning remains a critical component for securing data – Companies should reconsider their attitudes about security threats and re-examine their approach to protecting their systems and sensitive data against more malicious attacks. Some of the stories that discussed security strategies include:
- Heartland CEO and Other Experts Discuss 2009 Lessons Learned
- Web security strategy: Use cloud security services
If 2009 taught us anything, it is companies should be more vigilant about securing their network, and to prepare for the possibility that even the best defenses can still be compromised. I hope these blogs have helped educate you about security trends. I look forward to providing you with more interesting security topics in 2010.