IT Security Rewind – Week of January 9

by Josh Arrington

It’s time for the first IT Security Rewind of 2012. While 2011 was certainly shaped by several spectacular security breaches, if the beginning of 2012 is any indication, then we are in for another wild ride.

NoSQL is No Small Problem: Dark Reading shines some “light” on a serious vulnerability to track in 2012: the security flaws of NoSQL database technology. The article highlights that, as with many traditional database technologies, the proactive management of privileged identities is a critical component of ensuring an effective security posture within these systems.

SCADA Issues Persist: There’s no lack of examples highlighting the prevalence of vulnerabilities in SCADA systems. As Sara Yin of Wired highlights through coverage of a recent presentation by Blake Cornell, an independent security researcher, default passwords have played a significant role in recent incidents, including the Siemens breach. Again, it’s increasingly evident that advanced privileged identity management technology can be part of an effective solution for managing these risky passwords, which can be manipulated to gain wide-scale system access and control.

Consumerization of IT Risk: Consumerization of IT has carried over as a hot topic for the security industry. Is it 2012’s “cloud”-like buzzword? More importantly, what types of security risks does this trend pose? As reported in NetworkWorld, a survey of 520 CIOs found that 77% said they worry that “further consumerization of IT will lead to greatly increased business risks.” As enterprise technology continues to “go mobile,” this will be an important development to track, especially as individuals use mobile devices, such as phones and tablets, to share and exchange sensitive information.

So, 2012 begins. Let us know your predictions on the biggest security topics to watch for this year.