In no particular order:
We Are Doomed
- Bot networks seem to be growing in size.
- Many web developers don't understand XSS, CSRF and SQL injection-type vulnerabilities.
- Anti-virus vendors are starting to send signature updates several times per hour.
- It takes a reboot to update Adobe Acrobat, and updating VMware Workstation requires a 330MB download.
- Criminals are becoming more aggressive about protecting their enterprises via DDoS.
- Targeted attacks easily bypass organizations' defenses.
- DNS remains a weak link.
- Wi-Fi is becoming more common, even though securing it remains a challenge.
There is Hope
- Prescriptive compliance requirements (e.g., PCI DSS) are making it harder to ignore IT security.
- Security technologies are becoming smarter (e.g., web application firewalls).
- Anti-virus vendors are paying more attention to behavioral protection and performance.
- The community's expertise in analyzing malware is becoming more sophisticated.
- Search engines are starting to warn users about potentially malicious sites.
- Law enforcement seems to be getting better at catching alleged cyber-criminals.
- It may be getting harder to host malicious sites on a large scale.
- Running out of steam here... Is the "Doomed" column winning?
Any suggestions for the lists above? We'd love to hear them. It's probably easier to come up with the items for the "Doomed" column, but consider what we can build upon to tip the scales in the defenders' favor.
Security Consulting - SAVVIS, Inc.
Lenny teaches a SANS course on analyzing malware.