Because I'm all about the "good enough."

Tuesday, December 20, 2011

Remember, predictions make a ...

Oh, no, I almost went there.  Pull up!  PULL UP!

'Tis the season for half of the security world to make predictions, and the other half to make fun of them.  Why do we even bother to make predictions, anyway?  In the analyst world, it's another chance not only to show you've been thinking hard about these topics, but also to talk about what you'd like to see happen.  Predictions can be a great way of starting conversations, if you look at them the right way.  (If you look at them the wrong way, they're great for raising a huge chorus of "Nuh-UH!" or even "You're kidding, right?  Call the coroner?")

But let's have some fun with unofficial "predictions" that are intended, as the horoscopes say, for entertainment purposes only:

  1. Big Data, having shed its sizeist origins and become Total Data, will go on to become Totally Leaked Data.
  2. Security teams will finally get invited to the table -- that is, the table at the pub where they can drink and commiserate with the legal, HR and audit departments.
  3. PCI will become the most widely used de facto security standard for cloud services.*
  4. Personal feuds will break out among security researchers and they'll start hax0ring each other, leaving the rest of us to breathe a little easier as we polish our Generation Z Firewalls.
  5. Patent wars will escalate among security vendors, causing a new crop of IT lawyers to go shopping for Maseratis and stimulate the economy.**
  6. Some enterprise somewhere will try to ban all email attachments in an effort to stop phishing, and text-only messaging on retro CRTs will become hipsta.
  7. Someone will try, and fail, to rename The Cloud into something more ambiguous.
  8. Security conferences will become Big Business, and some people will leave their hands-on security jobs to run them full-time.
  9. An analyst will issue a prediction with an actual number in it.  However, this number will be an attempt to quantify a qualitative metric, so it will be useless.  "GRC dashboards will be 15% greener!"
  10. Nobody will make risk management any more understandable than it is today.
*Okay, I slipped in something a little too close to the truth.
**You're probably wondering how I came up with such a far-fetched idea.

Now that I've gotten these published, feel free to refer back to them at this same time next year, and if any of them are proven wrong, you'll get your money back.  Guaranteed.