Data mining the future with security predictions
It has become something of a tradition for information security vendors to pull out their crystal balls at the end of each year and do their best to predict interesting developments and threats for the coming months. It is also becoming a tradition for the security community to greet those predictions with emotions ranging from skepticism to sarcasm, but in doing so we may actually miss out on an opportunity to better anticipate developing risks. That said, we of course need to watch out for hidden agendas embedded in those predictions.
Reading through the predictions, I’m usually left with the impression that they fall into two categories: ‘bound to happen’ and ‘not a chance’. It would be easy to dismiss individual vendor predictions as obvious developments or as scaremongering to push an agenda, but with increasing numbers of predictions available we now have the option to collect them and look for trends or common themes. Granted, consolidating wild guesses and absurdities from various sources doesn’t magically produce accurate predictions. It may, however, give an indication of what to watch out for in the coming year.
For this exercise, 137 information security predictions from 16 sources across the industry were collected, and each prediction was assigned to one of 15 categories. The categories are somewhat arbitrary, but I found these to be a good compromise between too broad and too narrow.
Figure 1 shows all prediction categories broken down by source. Besides the obvious observation that Sophos, FireEye and Palo Alto seem to really like making predictions, we can also conclude that there may be a slight bias in predictions depending on the source. For example, Sophos shows a noticeable prediction bias in the category ‘malware’, as does FireEye, whereas Mandiant seems to focus on ‘state sponsored attacks’. This is expected and merely evidences that the predictions are mainly within the scope of each source's expertise. I’d mark that down as a positive.
Figure 1. Security predictions 2014 by source
Rearranging the chart by category shows 2014 prediction peaks for ‘Cloud platforms’, ‘Malware’, ‘Mobile workforce’, ‘Organized crime attacks’, ‘Vulnerability Management’ and ‘Other’.