Constantine van | December 10, 2011

Top 10 List of the Top 10 Internet Security Prediction Lists

If the experts are right expect more advanced persistent threats, ransomware, social media ID theft, and requirements for IT security certification.

Here it is, so you don't have to enter the search term yourself: Top 10 list of all the internet security prediction lists (as ranked by Google) and -- for no extra charge -- their #1 prediction:

1.  SANS Technology Institute: Security Grows Up - A Niche Industry No Longer – I see the most dramatic change yet coming to the IT security industry. That is the entry of the big boys. Up until now IT security has frankly been a niche industry. No one segment has gone much over $5 billion in total spending. (The market for yogurt in the US is larger than the entire firewall industry.) By the Big Boys I mean the defense industry.

2.  Stephen Northcutt of SANS: TEOTWAWKI (The End Of The World As We Know IT) -- Today, if you want to call yourself security professional you have the freedom to do so, even if much of what you know is wrong. In the future, we will have to prove we are security professionals with credentials, possibly even a license. Now, folks that know me will be quick to point out that I have been saying this for some time. True, but that does not mean the gears are not turning. If you are familiar with the DoD instruction 8570, then you know that for DoD IT employees TEOTWAWKI has already happened; they have to have a certification.

3.  Fortinet: Ransomware to Take Mobile Devices Hostage – Over the past few years, FortiGuard Labs has witnessed the evolution and success of “ransomware” (an infection that holds a device “hostage” until a “ransom” payment is delivered) on the PC. Mobile malware that utilize exploits have also been observed, along with social engineering tricks that lead to root access on the infected device. With root access comes more control and elevated privileges, suitable for the likes of ransomware. FortiGuard predicts the team will see the first instances of ransomware on a mobile device in the coming year.

4.  Websense: Your Social Media Identity May Prove More Valuable To Cybercriminals Than Your Credit Cards – Bad guys will actively buy and sell social media credentials in online forums.

5.  M86 Security:  Targeted Attacks Grow More Damaging and Complex  –The past two years have marked a breakthrough in incidents of targeted attacks that were made public. This is most likely due to hacktivist groups such as Anonymous and LulzSec as well as the rise of Advanced Persistent Threats (APTs) being  used against commercial organizations. In the past year we’ve seen these kinds of attacks go to the next level, as large, global organizations and government agencies were attacked for commercial, political or military reasons.

6.  Tangled Web: Advanced persistent threats (APTs) will become more predominant - The explosion of APTs, also known as targeted attacks, against high-profile companies and government agencies in 2011 will become even more predominant in 2012. Organizations that come under fire from APTs will be at heightened risk, suffering tremendous credibility and financial loss.

7.  Wombat Security: A variety of popular mobile devices will flood the enterprise, forcing IT departments to make users more accountable for their devices – The increase and diversity of consumer devices such as smart phones, tablets and other mobile devices in the enterprise will absolutely cause a plethora of security woes for IT departments and security professionals.

Read the rest of the article at CIO online