After a year of shifting security threats that deepened their impact on Web 2.0 sites and expanded to attack mobile devices, some security vendors are expecting even more creative threats in 2010. For example, CA believes cyber criminals will continue to exploit platforms like Facebook and Twitter, but the criminals will also sniff out easier ways to steal sensitive information. CA says they expect criminals to hire "moles" to pinpoint weaknesses and use employees (or former employees) willing to siphon data for a profit. This new approach is why CA expects data loss prevention technology to provide growth opportunity to VARs in 2010. Overall, CA has ID'd these five top security threats in 2010.
"Quiet" cyber attacks — past attacks were often "loud" in an attempt to gain attention; today, they are becoming "invisible," with cyber criminals working hard to remain under the radar as they pull personal, sensitive data off networks.
Internal threats — While employees misusing data and making mistakes is a constant threat, the internal threat has morphed to having more intentional motives as a result of the poor economic conditions.
Attacks on mobile devices — with new and innovative ways of using mobile device platforms (e.g. games that collect information) and more open interfaces, criminals will be looking for ways use information on mobile devices to make money.
Security in the cloud — the growing adoption of cloud-based models will shift the responsibility for the security of data in the cloud to the organization collecting the information. This will drive more specific customer/vendor agreements.
DLP — With a "predicted" increase in threats coming from inside an organization, companies will need to look for new ways to improve control and protection of data. Consequently, DLP will become more "identity-centric" and more "content aware."