At the mid of December I created a poll about "Security Predictions for 2012". The poll wanted to collect opinions about the most significant issue for business.
The reason I did this poll is that we could see during those days lots of predictions published from some guru or vendors, but I wanted to understand what was the general opinion of the security community.
You can see the available options reported in the box below
Here are the final results of the poll. I've collected 157 votes distributed as follows:
I've also received 11 comments that I'm very pleased to report here:
Thomas Hemker (voted for cloud security incidents) • Cloud Security Incidents include from my point of view also that people use non-comapny-approved cloud-services (e.g. Dropbox, Google) to store and exchange sensitive business information.
Stephen Russell (voted for mobile threats) • Hacking, cybercrimes, cybertheft alone. sloppy Co policies leaving loose laptops about with key data etc. NOT vetting hirees or vendors PT workers etc.
Alan Hunter (voted for cloud security incidents) • I agree with Thomas. It is a new technology, and as such, a prime target for cyber attacks, if not for "evil", then just to say they can.
Josie Weigand (voted for cloud security incidents)• Security monitoring and policy concerns go hand and hand. Everything else falls under each of these. If you fail on monitoring your systems effectively and lack the policies in which to follow, all security risks will pose a threat. Too many times, those that have the authority have pay grades too high to effectively monitor those with responsibility. Security is everyone's responsibility.
Balaraman K (voted for risks coming from social networks) • I think Social Networking sites are the biggest threat to Business in the years to come. Those face and non face books can erode all your IT Security Budget. Ironically they cannot be totally blocked. Increasingly, social networking may be the way to do Business, to be in touch with your customers. They will also be the biggest threat to security.
Sean Cullen (voted for cloud security incidents) • Cloud security incidents for me. Since most companies are realizing that outsourcing business processes/components to the cloud are not only cost effective as well as scalable - and they are eager to reap the benefits. Normally, an attacker would have to do quite a bit of research in order to gather intelligence on a target, since typical systems are masked behind firewalls, NATs etc. Cloud services on the other hand, by nature, are visible and are inherently designed to be accessible from anywhere by anyone. There will undoubtedly be integration issues with their current systems that could be the source of a potential exploit, so, with any new technology; caution should be at the forefront when implementing new technology when aligning Cloud services with your business.
David Gallego (voted for cloud security incidents) • I am concerned about Cloud computing. You are trusting sensitive information with a third party that you have no control over. You have no control over who the provider hires, the security systems in place, or even where the data is located.
Tokunbo Omiyale (voted for cloud security incidents) • I do agree it has to be cloud computing . I do think its serious security implications has been properly thought through before pushing the product to the market.I am pretty concerned using corporate data as a security test guinea-pig.
Thomas Pridham (voted for Privacy Concerns) • I am really concerned about 'cloud computing/platform' - it almost makes it sound magical and people (end-users especially) don't really care or know where their data is.....it's in a magical cloud somewhere with (hopefully) some really good security protection.
Clark Willis (voted for cloud security incidents) • The biggest issue will be "consultants" scamming companies into spending money through unqualified fear; after that, it will be the early adopters of the cloud scam.
Scott Brown (voted for cloud security incidents) • We already live in the cloud... where is your email hosted? How much information do you store on sites like this? Most companies already have a cloud technology, i.e. email scanning, web hosting services, but as Corporates move into cloud hosted services they increase the risk for themselves and users to be targeted. The more Businesses using the same cloud technology the bigger the payoff for hacking it... Technology is like everything else in life... using a single technology in moderation is better than over indulging in it.