Please, allow me to save you some time reading all of those Top 10 Cybersecurity Threats of 2013 lists from journalists, bloggers, analysts, vendors and other crackpots. Nearly all of them will include the 10 following threats, in varying orders:
- The Cloud – Lots of vulnerabilities out there.
- BYOD/Mobile malware – It’s a problem dealing with all these devices.
- Opportunistic Attacks/Social Engineering – Someone is going to try to get malware on your systems using targeted attacks.
- DDoS Attacks – You might be the target.
- Big Data – Again, lots of vulnerabilities.
- Cyber Espionage – Governments are behind much of this.
- Advanced Persistent Threats – Really sophisticated programs are being created.
- Mac Malware – Apple computers are targets too.
- Java is bad – Who knew?
- Hacktivism – It is a threat.
I trust your mind is now reeling as you consider these "new" threats.
Now, on to the awards segment of our show:
The award for Most Self-Serving Item on a Top 10 List goes to: Booz Hamilton Allen.
“Predictive threat intelligence analytics will create a more effective risk management capability.”
Care to guess what Booz Hamilton Allen sells?
We have a tie for the Most Painfully Self-Apparent Statement in a Top 10 List. This year’s winners are:
“Organizations must prepare for the unpredictable so they have the resilience to withstand unforeseen, high-impact events.”
“In 2013, organizations will need to ensure that they have adequate preventative and detective security controls in place.”
I have refrained from naming the sources of these two statements because there were so many other equally deserving winners.
Finally, the Award for Statement that Confused Me the Most in a Top 10 List goes to:
“Over the past year, the focus of cyber-attacks has seen a worrying shift from information and financial theft, to compromising critical systems in order to cause real world damage.”
I’m coming up with the attack on Aramco, but can't think of any other examples. Can you? Anyone? Bueller?