I’m a little late to the game but I thought I’d throw my predictions into the fire.
I wish I had posted this earlier. I had a bad feeling that something would happen to Twitter in 2009 that would make us all take a step back and say “Ummm….”. It didn’t take very long until this became a reality. On Sunday, January 4th numerous sources reported that Twitter accounts were being compromised. From the Zero Day blog:
A cluster of compromised Twitter accounts are sending out person-to-person phishing messages inside the Twitter network. These messages and the target website are similar to standard social network phishing messages, except this time they are very very short.
More and more organizations are including Twitter, and other social media tools, as part of their media relationship plans. It’s unfortunate that more security wasn’t wrapped around this tool from the start.
In my 2008 Predictions I said that training budgets were going to get smaller due to the economic downturn. Even though it looks like we’ve (mostly )made it through the bad spots organizations are not going to be spending money on training like they did 3 or 5 years ago. Everyone is timid right now and they can’t afford to take a chance.
This is, however, a good opportunity for self paced e-learning and self study methods to shine. Organizations and individuals will shy away from the big conferences in favor of alternative training methods.
You didn’t have NAC last year and you probably won’t have it this year. Budgets will be tight for new security capital expenditures and we security professionals will be asked to take the do more with less approach. It will no longer be a question of “Can we continue to operate without ‘xyz’?” but rather “How long can we continue to operate without ‘xyz’?”
A word of advice. Ensure that your proposals for new purchases include the current cost, any discounts you will receive before a particular date, what it will cost after the discount date, what it will cost over the next 3 years to operate, and what you expect this purchase will save the organization (money, bad publicity, and so on). Expect to fight for every capital expenditure in 2009.
Oh how I hate buzzwords…expect to be force fed the term cyberwar and all of it’s derivatives. The average person is starting to worry about foreign nations and unfriendly organizations attacking the infrastructure of their country. Is the threat real? That depends entirely on who you ask. Personally I think that it is possible to some extent but we’re not quite there yet. Will we get there? Definitely. I believe that every major nation has, or is working towards, a first strike scenario which includes the Internet.
Do you want to play a game? 😛
That’s all I’ve got. Let’s see what happens.