The first emerging trend for 2012 is the growth of Big Data. “Big Data,” says Ken Vander Wal, international president of ISACA, “describes not only the extremely large volumes of data being collected by enterprises in an increasingly connected world, but also their diverse sources, including social networks, sensor networks, customer chat sessions and more.” The result is a huge, and often chaotic mass of data; with an enormous challenge in merely locating, nevermind securing, data privacy.
One thing emerging from Big Data, however, is that through analytics corporate security can potentially be improved. And one company already exploring this area is Red Lambda, which uses its Neural Foam intelligence on grid computing to locate anomalous patterns in Big Data. These ‘anomalies’ can be used to highlight security breaches or attacks.
The second trend is the growth in consumerization, increasingly known as BYOD (or Bring Your Own Device). It “is a fast-moving train,” says Robert Stroud of ISACA and CA Technologies. “IT departments have to jump on it or risk getting left at the station.” But BYOD brings with it new security challenges. There is no longer a simple network perimeter to defend. “Organizations that embrace the BYOD trend need to consider a two-pronged approach to security by focusing on both the device and the data it can access,” he continued. “In 2012, we should see an increased focus on the mobile device and its access to information. IT will need to answer questions such as, ‘Who is accessing corporate information, when and from what device? Is that device trustworthy?’”
The third emerging trend is often related to BYOD: the growth in mobile computing including everything from smartphones and tablet computers to laptops and USB memory sticks. “2012,” says John Pironti, a security advisor at ISACA, and president of IP Architects, “will see a sharp increase in attacks targeted at mobile devices, either to exploit them or use them as an access point to corporate networks.” Anti-malware companies have increasingly warned about the exponential growth of smartphone/tablet malware over recent months, and expect to see this continuing. So basic end-point security is essential.
But equally important, says ISACA, is the need for adequate and enforced company policy. In a recent BYOD survey of 1,224 US consumers, 16 percent of the respondents said their organization does not have a policy prohibiting or limiting personal activities on work devices, while another 20 percent didn’t not know if one exists. Setting and communicating policies, says ISACA, is central to effective governance of enterprise IT.