Q&A: The security trends of 2011

When we started seeing more and more announcements around security incidents or alleged security-related incidents, the gut reaction of legislators was to create more regulation. The more regulations you create, the more important a regulator you are.

It really came to the point where it created a heavy burden on organisations, especially multi-national organisations.

What we are seeing now is nations trying to globalise on single standards. Will it happen next year? It will start happening. Legislators are taking their time.

I think it is a process that has started happening and it is a business need, so it will happen.

You also believe social networking will improve. What have you seen to justify this prediction?

We are seeing almost every week another improvement that Facebook is trying to incorporate into their security settings, not only their privacy settings - device profilings and one-time passwords through mobile devices and so on.

They have announced the introduction of their new email service [expected to be unveiled today]. This is certainly a dramatic change in Facebook's state of mind: you cannot treat email servers and email messages the way you treat social network profiles. That is a whole different story.

My guess is that these two things are going to go hand-in-hand: their entry into more business-side applications and, of course, the improvement in security, because you cannot go into the business environment by just improving privacy. You need to take care of security, you need to make sure you do not end up as a platform for malware distribution. This is good news for us.

Another prediction is that insider threats will increase. Why so?

It is going to be a growing awareness issue because we are going to see more incidents.

Take, for example, the latest regulations and best practices in the UK. What they are really emphasising is not the security of the information but rather a disclosure of breaches.

What we're going to see [are] incidents that were, until now, concealed or privately closed, becoming public, because it was very easy for enterprises to not report incidents.

Now, with the new regulations, it will be easier for them to report rather than try to conceal them.

The good result of this will be when we see the real scale of the problem. The next step would be to actually take care of it and mitigate the risks.

So far, the regulation was more about disclosing rather than protecting. I think that once you have reached a certain degree about disclosure you cannot disregard the problem anymore and you must take action to really prevent a breach from happening.

Tom Brewster
