With only a little over a week until RSA Conference 2012, we’re keeping our eyes to the recent infosec trends to see what will be on everyone’s minds at the Conference. This week’s Friday Five looks at the latest predictions for cyber-attacks in 2012, the business of cybercrime and everyone’s favorite topic – metrics. Lastly, we read up on the cyber security news coming out of Congress with the newest introduced bill and whether or not tax breaks would be a proper incentive for security.
Prediction: Handful of Malicious Networks Will Spawn Most Attacks in 2012
A new report from Blue Coat had an eerie premonition for us this week: two-thirds of this year’s online attacks will be the result of malicious networks, or ‘malnets’. These distributed network infrastructures are designed to sweep up victims while they browse trusted sites and route them through malnets, sending them to exploit and payload servers. The complexity behind them allows criminals to stay one step ahead of traditional security measures like black lists. The good news out of all this? They’re easy to detect early on.
Five Tactical Security Metrics to Watch
There has been a lot of debate around security metrics – are they valuable or are they bunk? But some metrics are recommended. After all, infosec managers need some way to measure their progress. Here, Rob Lemos talks with IT practitioners about five metrics companies should take a look at and why, including attack surface area and vulnerability of critical answers.
Cyber Criminals Innovate Like Businesses, Forming Global Industry
Cybercrime has proven to be a profitable business in the past year, resulting in criminals becoming a lot more business-minded than we had thought. Thus, now more than ever it’s becoming important for organizations to develop cyber risk resilience. Read on to find out what else a new report, Cyber Security Strategies: Achieving Cyber Resilience, addresses about today’s trends and issues in information security.
Senators Introduce New Cyber Security Bill
Congress’ focus on cyber security signifies just how important it has become over the past year. In their next move to improve infosec in the United States, a group of senators introduced a bipartisan bill that calls for the Department of Homeland Security to assess risks and vulnerabilities running at critical infrastructure sites. The Cybersecurity Act of 2012 also includes new regulation requirements. The bill is certain to face opposition from groups like the U.S. Chamber of Commerce
.
Cyber Security and Tax Breaks: Is It Worth the Cost?
Here’s an interesting thought – would tax breaks actually improve security within enterprises or simply reward a few? With Congress focused on cyber security, one idea has been to offer financial incentives to companies that invest in security. While it may prompt some organizations to ensure their security is up to par, questions remain. How would you develop a fair system? How would you validate it? Would it even improve security? This article looks at both sides of the argument.