Take it to the Bank: Perimeter E-Security Unveils Top Five Critical Security Predictions for 2011

MILFORD, Conn., Dec. 16, 2010 /PRNewswire/ -- Perimeter E-Security, the trusted market leader of information security services that delivers enterprise-class protection and compliance to companies of all sizes, today revealed its top five critical security predictions for 2011.

"2010 was another year of living dangerously. Companies dealt with huge increases in malware threats, growing mobile security concerns about consumer devices such as iPads, and rising compliance pressures," said Andrew Jaquith, Chief Technology Officer of Perimeter E-Security. "Several high profile and sophisticated security attacks this year, including the attacks on Google and the release by WikiLeaks of US diplomatic cables, should cause companies of every size to reassess their existing security practices in the year ahead."

Jaquith highlights that these incidents offered several key lessons.  Increasingly sophisticated attackers are forcing defenders to raise their games, with tighter integration of defenses across content filters, endpoint controls and firewalls. The WikiLeaks incident, which culminated in the release of over 250,000 electronic cables, shows that data leakage prevention (DLP) products are no silver bullet. "Tools like DLP that inspect content are fine for filtering 'toxic data' like credit card numbers, but less effective for controlling the spread of secrets. Traffic monitoring and regular privilege reviews would have been more effective," Jaquith added.

As the only enterprise-class security services provider offering both comprehensive threat management and secure messaging, underpinned by strong compliance expertise, Perimeter protects over a half trillion dollars in assets for over 6,000 customers.  Perimeter's broad capability and customer sets give the company a unique perspective on threat management data spanning anti-virus, firewall management, web content filtering, intrusion detection and protection, and other data security and messaging applications.

Amongst Perimeter's top five security predictions for 2011:

Prediction #1 – Your employer will lock down your phone

With the increasing adoption of consumer devices such as the iPad and other tablets by businesses, companies will need to impose common security controls on these devices, regardless of the brand. That means being able to manage many different types of post-PC devices.  If you want to bring your mobile device to work, your employer will seek to enforce policies for passwords, device locking, remote wipe, and hardware encryption.

Prediction #2 – DLP will go mainstream

Although data leak prevention (DLP) products have their limitations, they are poised to go mainstream in 2011.  Enterprises are under increasing pressures to keep their communications and devices free of "toxic data" such as credit card numbers, social security numbers, personal financial information and health care information.  In the coming year, more companies across multiple industries will embrace DLP to keep their email and web content clean, and to filter data copied to removable media.

Prediction #3 – The "Advanced Persistent Threat" meme will die

The often broadly defined term "Advanced Persistent Threat" (APT), which to some vendors is described as malware, is in truth not a what, but a who. In the security community, APT refers to a long-term pattern of targeted sophisticated hacking attacks aimed at governments, companies and political activists, and also refers to the groups behind these attacks.  APT will be replaced with the more accurate phrase "State-Sponsored Cyber Warfare or Actors" as opposed to the generic and misused APT.

Prediction #4 – The U.S. will crawl towards EU-style data protection

The U.S.'s liberal culture of shared Personal Information will move towards a more stringent consumer aware model requiring companies to be good custodians of Personal Identifiable Information, especially with financial and healthcare information.  The Federal Trade Commission (FTC) December report "Protecting Consumer Privacy in an Era of Rapid Change" provided sweeping recommendations and mandates such as PCI, HITECH and state data protection laws are prime examples of this change.  In addition to these regulations and recommendations, tort law will add another layer of definition making U.S. regulations much more closely aligned with EU's data privacy mandates.

Prediction #5 – Public data security benchmarks will emerge

Thus far, security has been hard to quantify.  In the future, publicly available database sources such as Open Security Foundation's DataLossDB, a clearinghouse for documenting toxic data spills for personal information, will be used for benchmarking the safety level of companies.  Mainstream security vendors will more likely showcase the health of their customers in security report cards.  Furthermore, service providers will begin to collaborate to define common security metrics such as measures to compare companies and sectors and to provide a common baseline of security of companies' year over year.

"Information security is becoming increasingly complex and requires continual education, expertise and investment to fully secure the enterprise.  Every organization needs to re-evaluate their existing security policies, procedures and technologies to protect themselves from what cyber criminals and attackers are planning for 2011," added Jaquith.

A replay of Perimeter's webinar called "Five Data Security Predictions for 2011" is available here: http://www.perimeterusa.com/knowledge-center/webinars/on-demand#162.

About Perimeter E-Security

Perimeter is the trusted market leader of information security services that delivers enterprise-class protection and compliance.  Through its cost-effective and scalable SaaS platform, Perimeter offers the most comprehensive compliance, security and messaging services that include: hosted email, encrypted email, firewall management and monitoring, vulnerability scanning, intrusion and prevention, email anti-virus and spam, and email archiving.  For more information about Perimeter visit www.perimeterusa.com.

SOURCE Perimeter E-Security