Cyber security has been described one of the most potential targets for the hackers of new age. This article discusses the emerging trends in this space.

“Cyber security should become second nature, just like brushing our teeth."  - a quote by Ken Watson effortless emphasizes the importance cyber security must have in our daily life. We examine in this article some of the sustained trends in the world of Cyber security and comment on some of the emerging ones.

Security over the Cloud

With the advent of cloud computing with several leading companies providing services over the cloud, securing the cloud will be the leading focus of users and software providers alike. With scenarios such as workloads moving across data centers and locations cyber security software will need to identify and protect both data and workload moving across physical locations as well as guarantee service and protection to key customer data for these Cloud users. Efforts such as the Cloud Security Alliance will be pivotal.

Sustained and varied blended attacks

Blended threats will continue to increase combining viruses and worms and aiming to impact not just he host or the target of the attack but using multiple means such as Trojan horses to attack vulnerable connecting devices such as servers or other devices such as mobiles. Most of these threads would be silent thus not requiring a user to say click on a link. These could use existing vulnerabilities that may have been caused in pre-attack exploratory attacks to actual serious damage at a later point.

Pre-packaged security and mandatory compliance

Continued extension to bundling would be pre-packaged security software such as anti virus being incorporated as a mandatory piece on operating systems. With the earlier comment on Stronger Laws a law with such mandate aside from being a huge financial boost to security companies and anti virus companies could be the Cyber equivalent of the Cyber cop asking for the “Driving License, Registration” please in driving parlance. Government linked compliance and deterrent methods could be an easy way of enforcing and removing low hanging vulnerabilities and reduce botnets. Most software would need to incorporate auto update as a mandatory feature to reduce un-patched systems.

Increased use of multi factor security

With the increased prevelance of multi factor auth such as One Time Passwords through hard and soft tokens, Biometrics incorporated as part of devices such as laptops the physical security aspect of the computer by password proliferation will be taken care. Additional improved support for biometrics as part of Windows 7 which was released as recently as last month will also help.

Multi device, virtual and physical OS, multi network security

Cyber Security software going ahead would not be restricted to a one device aspect. Anti Virus, Anti Malaware software would need to be ubiquitous to device such as functioning seamlessly across types of networks (say on a multi mode cell phone) or protocols (such as Bluetooth). With the prevalence of Virtualization in corporate networks with sustained focus on cost patching of virtual machines as the sessions are brought up or down will be a key.

Cyber terrorism and warfare

Cyber terrorism such as the recent example between Russia and Georgia or denial of service attacks by bringing down the server of a popular social networking site by targeted attacks will be an increasing trend.  The mob will not describe gun totting henchmen but as we go ahead every country would develop it’s own Cyber Mafia. Cyber Security software would need to protect against scenarios such as organized crime to steal financial information to the possibility of the mythical “Fire Sale” as depicted in the Bruce Willis movie “Die Hard”. The next equivalent of the 9/11 attacks or the Mumbai attacks could be bringing down of the Dow Jones or BSE Sensex.

Fortunately most security companies and software are sustaining focus and dollars on software, procedures and steps being taken for increasing co-operation between agencies such as IMPACT (the International Multilateral Partnership against Cyber Threats) with its Global Response Centre play a key role in co-operation, enforcement and deterrence, a kind of “Cyber Interpol”

Greater government focus and stronger Laws

As this year and next year goes ahead I see an increased government support such as the US declaring October 2009 as the National Cyber Security Awareness month and the appointment of a Cyber Security Advisor or in India, greater strengthening of the Cyber crime cells. Continued education in terms of “Catch them young” would mean continued update of school curriculums through papers on Cyber Security for students.

The focus on Cyber Security will continue to sustain and grow with each new technological innovation bringing its own security challenge to overcome and newer opportunities and trends each passing day.  

Disclaimer: Please note these reflect the author’s personal views and may or may not align with those of the organization the author is part of.

—By: Debashis Banerjee, Sr. Product Diveloper, Novell Software Development