SOURCE: Cenzic


December 06, 2010 09:46 ET

Emerging Enterprise, Cyber Wars and Mobile Technologies Give Rise to Security Concerns in 2011

Cloud Computing and Popularity of Android and iOS Bring New Opportunities for Cyber Criminals; New Worries for Corporations Targeted by Wikileaks Cyber Whistleblowers

SANTA CLARA, CA--(Marketwire - December 6, 2010) - New technologies have pioneered ways for businesses and consumers to benefit from sharing data in unprecedented ways, yet those benefits have come at the cost of an increased risk of security exploits and cybercrime. Security breaches escalated in 2010, and Cenzic, the leading provider of Web application security solutions, expects this trend to continue and grow in 2011. Issues fueling this rise will include the decreasing level of computer skill needed to hack, the increasing popularity of cloud computing, Android and iOS mobile platforms and the increased connectedness of devices, and the desire of governments to engage in cyber terrorism. The year will also see the emergence of business extortion as Wikileaks and its contributors race to publish the dirtiest secrets of big businesses.

"Many of the cyber attacks we will see in 2011 will be the familiar ones, such as cross site scripting and SQL injection attacks. The twist however, will be the availability of open source hacking kits, which turn an average computer user with a modicum of Internet skills into a hacker," said John Weinschenk, president and CEO of Cenzic. "As the barriers to hacking are removed, the number of hackers will rise and the hunt will be on for the quickest route to the biggest payouts. Ultimately, we may see hackers targeting unprecedented items, such as healthcare devices, cars, and home automation devices."

Cenzic's John Weinschenk projects the following security trends will emerge in 2011:

Security of Mobile Apps
Smartphone adoption is up and the number of mobile applications is growing exponentially. On the go smartphone access will be a concern to corporations that don't want employees accessing company secrets via unsecured mobile networks. For consumers, as banks and ecommerce sites deploy apps that give customers unprecedented access to their bank accounts, security becomes more important than ever.

New Platforms
The large user base created by wide scale adoption of iOS, and Android will increasingly make these platforms a target for hackers in 2011, which will likely usher in high profile mobile breaches.

Security of "Internet of Things"
We are beginning to see the networked interconnection of everyday objects -- often referred to as the "Internet of Things," with about 35 billion devices connected today and a forecast for that number to grow to trillions in the coming years. The growth will drive the need to secure the devices, which includes medical gadgets such as pace makers and car devices like the wireless tire pressure monitors on newer cars.

Open Source Hacking Tools
The availability of open source hacking tools will continue to grow, opening the door for a new era of hackers. Anyone with a modicum of computer skill and access to these tools will be able to easily target websites to hack for monetary gain.

Security For The Cloud, Security From The Cloud
As more companies use the cloud for their core business, securing the cloud becomes much more important. In 2011, we will see hackers exploiting the cloud as they look for low hanging fruit that can lead them to monetary gain. We will also see a major shift towards Web application security delivery for all Web apps using the cloud.

PCI 2.0 and Web Security
The PCI DSS 2.0 regulations rolled out in November will go into effect on January 1, and credit card companies will be working with their customers to ensure they are in compliance. As this happens, compliance will help to drive the awareness and adoption of security measures to companies large and small in an effort to protect Web sites and customers from hackers.

Wikileaks Publishes Corporate America's Secrets
Wikileaks has published confidential documents from Swiss and Icelandic banks, and has threatened to publish data from other high profile companies. In 2011, we'll see Wikileaks publish a marquee company's innermost secrets, including e-mails, documents, and records of major decisions such as fighting legislation, foiling rivals, employee dismissals and more. In 2011, potential leaks of unethical executive behavior and bad business decisions just may be the "smoking gun" that pushes senior executives to fund increased security across corporations.

Cyber Terrorism
2010 ushered in the discovery of Stuxnet, often referred to as the most refined piece of malware ever discovered, a clear indication that government sponsored cyber warfare has arrived. In 2011, we will see the U.S. and other governments increase their efforts to thwart cyber terrorists by picking up their offensive game and putting the Web to use as a weapon. Much like pawns in a game of chess, other nations will pickup their efforts leading to increasingly sophisticated attacks from Russia, China, Israel and Iran.

About Cenzic
Cenzic, a trusted provider of software and SaaS security products, helps organizations secure their websites against hacker attacks. Cenzic focuses on Web Application Security, automating the process of identifying security defects at the Web application level where more than 75 percent of hacker attacks occur. Our dynamic, black box Web application testing is built on a non-signature-based technology that finds more "real" vulnerabilities as well as provides vulnerability management, risk management, and compliance for regulations and industry standards such as PCI. Cenzic solutions help secure the websites of numerous Fortune 1000 companies, all major security companies, leading government agencies and universities, and hundreds of SMB companies -- overall helping to secure trillions of dollars of e-commerce transactions. The Cenzic solution suite fits the needs of companies across all industries, from a cloud solution (Cenzic ClickToSecure Cloud™), to testing remotely via our managed service (Cenzic ClickToSecure® Managed), to a full enterprise software product (Cenzic Hailstorm® Enterprise ARC™) for managing security risks across the entire company.

Contact Information