Cybereye | The threats ahead

Infrastructure networking technology figures to be the hot topic during the next year when it comes to researching vulnerabilities.

In a survey of attendees at the Black Hat Briefings security conference earlier this month, 49 percent of respondents said they intended to pursue research in this area. About a third said they will be looking at Web technologies for vulnerabilities.

The survey was commissioned by Symantec and conducted on-site by Applied Research during the first day of the conference, questioning 500 of about 4,500 attendees. According to the results, most respondents were independent researchers or information technology managers. The high-tech industry accounted for the biggest chunk of those responding, about 40 percent. Government was the second largest category, accounting for a quarter of respondents.

It is hard to know how much weight to give to a survey of this kind. The people at the conference represent a small, self-selected slice of the IT security community. Still, when it comes to original security research, it probably is significant ' many of these people like poking around in technical things, looking for flaws and vulnerabilities.

The emphasis being given to networking infrastructure probably is a reflection of the interest garnered by Dan Kaminsky, director of penetration testing at IOActive, who recently announced a flaw in the Domain Name System protocols. The issue got a lot of attention when the flaw and patches were announced in July, and Kaminsky's talk on the vulnerability and possible exploits was one of the more heavily attended sessions at Black Hat.

That also ties in with the finding that 46 percent of the respondents said Web services, or server-side issues, and the interactive services known as Web 2.0 would be where the top security concerns are found in the coming year. Among IT managers in the survey, browser and other client-side Web issues are the biggest concern, edging out virtualization, last year's hot topic.

As far as operating systems go, a lot of managers apparently are putting Microsoft Windows Vista on the back burner for a while. Last year, IT managers were focusing on the then-new Vista vulnerabilities as a major concern, but this year, Windows XP, is the operating system of greatest concern. Apparently, they have not found compelling reasons to switch to Vista and are turning their attention back to XP, which still is working just fine, thank you.

It looks like they will be waiting for another service pack or two, or maybe another version release, before going to the new operating system.

About the Author

William Jackson is a Maryland-based freelance writer.


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected