I love this time of year. The wind-kissed rosy cheeks, the smell of commercialism in the air, the inability for the average Californian to navigate the highways when presented with a sprinkling of rain and of course the predictions (here), (here), (here), (here), et al. Anton (here) has a collection of predictions (here)
So bad guys get smarter, cybercrime targets data not systems, bots evolve, mobile becomes a wider target, applications present new vulnerabilities, web 2.0 exposes new attack surfaces, the Mac gets hacked, and on and on and on – yawwwn!
My prediction: 2007 is the year that security is no longer seen as a magical, black art that is performed by some elite group of mystical druid coders that run IDA pro under FreeBSD on their hacked PSP’s well war-driving (that is so 2002) in their pimped out 1998 BMW M3′s.
So does security become irrelevant? well not exactly, but it is the year security goes main stream and becomes just another function performed by an increasingly taxed IT organization. Security will become less and less silo’d and more operationalized. Security and operational convergence will drive more technology convergence as vendors scramble to address multiple constituencies in the operations, security and compliance domains. The bottom line is that information security will begin to mature and evolve as I stated it must earlier in the year (here)