Security 2020: Reduce Security Risks This Decade

Doug Howard, Kevin Prince, Bruce Schneier (Foreword by)

ISBN: 978-1-118-25580-3 November 2011 336 Pages


Identify real security risks and skip the hype

After years of focusing on IT security, we find that hackers are as active and effective as ever. This book gives application developers, networking and security professionals, those who create standards, and CIOs a straightforward look at the reality of today’s IT security and a sobering forecast of what to expect in the next decade. It debunks the media hype and unnecessary concerns while focusing on the knowledge you need to combat and prioritize the actual risks of today and beyond.

  • IT security needs are constantly evolving; this guide examines what history has taught us and predicts future concerns
  • Points out the differences between artificial concerns and solutions and the very real threats to new technology, with startling real-world scenarios
  • Provides knowledge needed to cope with emerging dangers and offers opinions and input from more than 20 noteworthy CIOs and business executives
  • Gives you insight into not only what these industry experts believe, but also what over 20 of their peers believe and predict

With a foreword by security expert Bruce Schneier, Security 2020: Reduce Security Risks This Decade supplies a roadmap to real IT security for the coming decade and beyond.



Chapter 1 What Has History Shown Us?

The History of Data Breach Disclosure.

The History of Vulnerability Exploits.

The History of Viruses and Worms.

The History of Edge-Based Security.

The History of Patching.

Hacker Methodologies.

Inbound Attacks.

The History of Malware.

Automated Attacks.

The History of Hacker Motivation.

The History of Botnets.

The History of Search Engine Hacking.

The History of Data Loss.

The History of Security Solutions.

The Making of a Cyber-Super-Villain.

The Botnet in Action.

Hindsight is NOT 20/20.

Chapter 2 External Influences on Security.

Information Security Drivers.

The Emotions.

World Events.

The Impact of Politics.

The Impact on Journalism.

The Social Engineer.



Breach Impact on Public Companies.

The Security Culture.

The Path to 2020.

Chapter 3 Technology Influences on Security.

The Movement Toward National Identity Management.

Internet Protocol in 2020.

2020: Remote Access Continues to Be a Problem.

The Search Engine Impact.

The Web Services Impact.

The Impact of Virtualization.

The Malware Problem.

The Web Browser.

The Portable Media Debacle, A.K.A. Mobility.

Advanced Persistent Threat in 2020.

The Network Edge.

The Security Software Vendor.

Personal Information and Data Correlation.

The Domain Name.

Chapter 4 Where Security Threats Will Come from in the Future.



The Ph-enomenon: Why so many attack methods start with "Ph".

Phishing, Pharming, SMSishing, Vishing.

Vulnerability Exploits.

Insider Threats.

Mobility Threats.

Infected Software.

Peer-to-Peer (P2P) Software.

Third-Party Threats.

Social Networking Threats.


Star Wars.

Infrastructure Attacks.

Social and Financial Threats.

Website Middleware Threats.

Doppelganger Attacks.

Chapter 5 Secure Communications and Collaboration.

Email, Instant Messaging, and SMS.

Online Webinars and Collaboration Tools.

Voice over IP.

Video over IP.

Storage and Retention of User-Generated Content.

Digital Rights Management and Content Protection.

Digital Rights Management.


UCC and UCC Compliance Requirements over the Next Decade.

Chapter 6 2020 Revolution or Evolution?

IT Security Revolution.

The Missing Deterrent.

Security in 20/20 Hindsight.

Intrusion Detection Systems, Intrusion Protection Systems, and Data Loss Prevention in 20/20 Hindsight.

Identity Management/Network Access Control/Single Sign-on.


SaaS and Cloud Computing.

Testing Your Information Protection: Penetration Test/Vulnerability Test/Risk Assessments.

Chapter 7 Security as a Business Now and Then.

The Purpose of IT.

Evolving Purpose into Action.

The Map to Success.

The Relationship: Security and Luck.

Security: An Industry or a Feature of IT?

Consolidation of the IT Security Industry.

Buying Security: Defining the Value.

Budgets and Prioritizations.

Venture Capital and Investment in IT Security.

Chapter 8 Impact of the Economy over the Next 10 Years.

Economic Recession.

What If?

Economic Booms.

Hyperinflation.

Skill Shortages.

Another Terrorist Attack.

The Outlook.

Chapter 9 Eleven (Maybe Not So Crazy) Scenarios That Could Happen.

Situation One: Which Way Do I Go?

Situation Two: Is the Network Down?

60 Hudson Street, New York City, New York.

900 North Franklin Street, Chicago, IL 60610.

56 Marietta, Atlanta, Georgia.

Situation Three: Snip the Wires.

Situation Four: The Pandemic.

Situation Five: Cyber-Hijacking, Blackmail, and Ransom.

Situation Six: The Facebook Killer.

Situation Seven: Is It Getting Hot?

Situation Eight: Which Way Is Up.

Situation Nine: Cyber-Hypothermia, Cyber-Heat-Stroke, Utility Terrorism.

Situation Ten: The Pundit Hack.

Situation Eleven: Stock Manipulation.

Chapter 10 Conclusion.


Information Asymmetry.

Tipping Point #1: Compliance Overload.

Tipping Point #2: Data Breach Laws.

Tipping Point #3: Liability.

Tipping Point #4: From Outsiders to Insiders.

Tipping Point #5: From Network to Endpoint.

Tipping Point #6: Cloud Computing.

Beyond Tipping Points.

Appendix Contributing Author Biographies.