Re: computer security vision for next 3-5 years

[Dexter Caldwell <Dexter.Caldwell () FURMAN EDU>]

Add to that the potential spread of viruses for the Apple platforms.

I have to say though that I think what may become clearer in the next few
years is the success of the cloud model and the implications for security
and security agreements across enterprises such that responsibility for
compliance and discovery responsiblities and is clarified across
enterprise boundaries.  As a result there may be more interest in
federated identify management as previously closed enterprises open more
of there services to the web or subscribe to web-based services that use
internal authentication mechanisms.


Dexter Caldwell
Furman Universtiy


The EDUCAUSE Security Constituent Group Listserv
<SECURITY () LISTSERV EDUCAUSE EDU> writes:
> Given the current state of virtualization, we will probably start seeing a
> lot more virtualization and security technology/attacks emerging.
>
> I am going to take some wild guesses, but I would suspect that AV
> companies
> will start writing AV for the hypervisor so as to be able to scan the
> hosts
> without worry for rootkits and other malicious hooks.  Obviously there
> will
> be attack directed to the hypervisor, its API's etc.  AV companies may
> even
> take the approach of do scheduled offline scanning by rebooting the hosts
> (virtual or real) into live AV processes.
>
> More and more appliances such as IDS, IPS, FW, etc., will run virtualized
> or
> use virtual components.  For those who like the 'cloud' terminology, we
> might see a boom in attacks and security measures when resources become
> more
> and more decentralized.
>
> Smart device will be become more and more attractive to hackers and
> security
> companies.
> Smart appliances such as TV with embedded flash players will become new
> targets and a new venue for making money.
>
> My two cents.
>
> -----Original Message-----
> From: The EDUCAUSE Security Constituent Group Listserv
> [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Youngquist, Jason R.
> Sent: Tuesday, January 12, 2010 11:25 AM
> To: SECURITY () LISTSERV EDUCAUSE EDU
> Subject: [SECURITY] computer security vision for next 3-5 years
>
> My boss asked me this morning to come up with a computer security vision
> for
> the next 3-5 years.  Since it is already 2010, I thought I'd get some
> input
> from the community on what would you like to see happen to computer
> security
> in higher education, how will your job change (if any), and how can we as
> computer security professionals in higher education institutions best
> protect against the growing threats?
>
> If you've seen any blogs/articles on computer security trends in higher
> education, please forward them my way.
>
> Here's what I've come up with so far:
>
> *      Social Engineering will still be the easiest way to get confidential
> information.
> *      Multi-factor security will be prevalent.  
> *      More data breach regulations.
> *      PDAs and smart phones will be encrypted due to the sensitive email/
> information that they store and how easily they are stolen.
> *      Anti-virus software will be still used, but application
> white-listing will become more prevalent.
>
> Some links:
> http://media.techtarget.com/searchFinancialSecurity/downloads/FISD09_MainBal
> lroom_Session8_StateofComputerSecurity_Ranum.pdf
> http://www.sans.org/security-resources/10_security_trends.pdf
>
>
>
> Appreciate any thoughts you can provide.
> Jason Youngquist
> Information Technology Security Engineer, Security+
> Technology Services
> Columbia College
> 1001 Rogers Street, Columbia, MO  65216
> (573) 875-7334
> jryoungquist () ccis edu
> http://www.ccis.edu