SANS CyberSecurity Technology Update

I received in the mail this week Edition 1, Volume 1 of the SANS Cyber Security Technology Update. It looks like they are using the same top 10 (20) format used by their successful FBI/SANS Top 10 vulnerability announcement. This time they are focusing on important technological trends tin the coming year. Response strategies will be made at the upcoming SANS conference in Las Vegas.
Top Ten Important Security Trends for the Coming Year
1. Laptop Encryption will be made mandatory at many government agencies and other organizations.
2. Theft of PDA smart phones will grow significantly.
3. More legislation governing the protection of consumer information.
4. Targeted attacks will be more prevalent particularly against government agencies, military contractors, and businesses with consumer data.
5. Cell pone worms will infest at least 100k phones.
6. VOIP systems will be the target of cyber attacks.
7. Spyware will continue to be a big problem.
8. Zero day vulnerabilities will result in major out breaks resulting in many thousands of PCs being infected
9. Bots will be bundled with rootkits making removal nearly impossible requiring a reinstall.
10. NAC will become more common.
Top New Attack Tools and Techniques
Metasploit 3.0
Blue Pill
Javascript Malware
Cross-Site Request Forgery
Wireless Device Driver Attacks
Importing Malicious Root Certificates.