Security Reflections and Musings on the Year 2010

Here is my new annual post (on top of my annual top post chart and annual predictions): Security Reflections and Musings on a Passing Year.

Totally informal. Subjective! No science has been harmed while making it!

So, what security events, things, happenings do I remember from 2010 (in no particular order):

  • “86% of breached companies had intrusion evidence in their logs” and other super-juicy bits from the Verizon breach report.
  • Wikileaks. Your data will be stolen and, if you are lucky, leaked. If you are not lucky, sold and then used against you. Boom! That was your business going down.
  • PCI DSS 2.0 is here – but the fight goes on. Now you merchants finally have to do it (or outsource card processing).
  • APT. Please forget APT (most people – NOT all) – while you are reading in the media about APT, your barely-there-security is being owned by Backwards Non-persistent Whaaa-you-call-that-a-threat? (BNW). Boom!!
  • TSA JunkGrabGate – please don’t laugh, but “S” in TSA actually …OK, stop laughing NOW… stands for …yeah, I know, I know… “security.” So, it counts as a part of security reflections for the year. It is definitely stuck in my head – and probably will be stuck in my head for more than a year.
  • RSA2010 conference – this was my first show where I was an independent consultant (no vendor hat in hand) and I loved it. I am sooo looking forward to this year – and my press pass is already confirmed.

Stand by for my review of 2010 predictions and – yes! – 2011 predictions.

