Jiri’s Notepad

Bonus issue of SANS Newsbites provides predictions for the next year from a dozen or so of usual suspects (and some unusual ones). At this point in time it may be interesting to revisit some of the last year’s predictions:

• Bruce Schneier predicted liability would become an issue. It hasn’t. But we are on our way.


• FBI NIPC predicted increase in attack frequency (yes), sophistication (probably yes, but not in a significant way), attacks on routers (no), change in perception of vulnerabilities (yes) and wireless as a new hacker’s paradise (yes).


• Half of William H Murray’s predictions happened (move from reactive to proactive security, more restrictions, more professionality, more defense in depth) half hasn’t.


• Markus Ranum predicted slow increase in automated patching. We are on the way.


• Gene Schultz predicted slow death of PKI movement (yes), major advances in IDS (ehhh), consolidation in security consulting industry (yes).

Overall, most predictions have been on target; experts may only have been more conservative about some issues.