FRAMINGHAM, 9 JANUARY 2009 - Predicting the future is a futile exercise but there are some things that never seem to change year after year even though every effort is made by security professionals to raise awareness and reduce the risk. The list below is not unfamiliar to IT administrators and it is really a checklist of those security issues that resurface every year and are never completely dealt with.
1. Organizations will pay greater attention to security And pigs will fly! In spite of a series of security breaches in 2008 and increased awareness on the need to secure data, organizations will not heed the warning signs any more than they did in 2008. The 'it won't happen to me' syndrome will strike again and thousands of records will be put at risk.
2. IT security spending will increase With the world's economy passing through one of the worst recessions since the Depression in 1930, there is little hope that IT security spending will be increased in 2009. Administrators will need to rethink their purchasing strategy and look at more cost-effective solutions. Do more with less, will be this year's mantra.
3. Employees will use IT with greater security awareness A dream, to say the least. Employees will continue to use IT with little regard for security. They remain a serious security threat and the weakest link for any organization. They will still stick passwords to monitors, give out passwords without thinking twice and they will still use their portable devices to copy material.
4. Employees will not fall for phishing and social engineering attacks They may not fall for the boring emails offering immediate millionaire status but try calling the boss's secretary with an excuse that you need to reset her password and could she give it to you over the phone. Cyber crime and identity theft are expected to increase in 2009. You can bet your last dime, they'll be successful.
5. Employees will pay attention to company security policies Fat chance; even more so if those policies restrict their freedom on the network. Most employees don't even know the policies exist, so if the IT manual is still gathering dust on the shelf behind the IT administrator, you can't really blame them. But why bother if they won't listen, you may say. Point made. Point taken.
6. Facebook will be forgotten The only thing that employees will forget is when to start working. Facebook will continue to be a thorn for IT administrators unless they can restrict its usage in the organization. Then again, with all this talk of using social networking as a marketing tool, would you dare restrict access? The upside is you'll get to know who was partying when they should have been in bed nursing a cold.
Sign up for CIO Asia eNewsletters.