Technologies and Trends to Watch For in 2009

Even though the global economic recession has cast a shadow in all forms of technological growth, information security
will continue to stay a dominant IT priority in 2009. Here is a list of technologies and trends to watch for in the coming months:
• Industry analysts are of the opinion end point security which is the antivirus software needs to evolve in order to survive. For endpoint security to evolve as a function of the changing threat landscape traditional antivirus, anti-spyware, and firewall software must merge with endpoint operations, data loss prevention, and full-disk encryption to become highly effective against all forms of cyber attacks.
• Watch out for the U.S to lay more emphasis on cyber strengthen as it beefs up its cyber security and calls for drastic improvements in a big way with funding; a real public/private partnership, and cooperative intelligence and law enforcement with a growing list of foreign nations.
• Privacy advocates such as the American Civil Liberties Union and the Center for Democracy and Technology are hoping for a change in the administration to lead to more comprehensive national privacy legislation in 2009 and beyond. With increasingly stringent privacy legislation, this momentum could push further privacy laws and a mandate in data encryption.
• 2009 will be a strong year for managed security services. Many organizations simply don't have the capital budget dollars or security skills to take on the increasingly sophisticated bad guys themselves. Companies such as Symantec, IBM, Cisco, and Trend Micro are likely to supplement on-site security equipment with scalable reputation and update services.
• As server and desktop virtualization continues to proliferate, there will be a need for better security tools for role-based access control, virtual server identity management, virtual network security, and reporting/auditing. It is possible that Citrix, Microsoft, and VMware will lead this effort with partnering support from others such as IBM (Project Phantom), McAfee, and Q1 Labs.
• In 2008, the majority of malicious code attacks targeted applications, not operating systems. This fact combined with growing focus on cyber security will force software companies to embrace secure software development efforts such as the Open Web Application Security Project (OWASP) or the SANS Software Security Institute. Microsoft and its Pro Network partners like Security Innovation are best positioned to bring secure software development best practices to the masses.
• Organizations who take a cue from the recent Microsoft/RSA announcement will be able to discover and classify sensitive information, apply security policies, and then enforce these policies throughout the network. Hopefully it becomes a reality in 2009 as documents and file systems are integrated with data loss prevention and enterprise rights management systems.