Tim Bass
Thu, 06 Dec 2007 13:34:31 +0000
As promised, here*is*the final draft of my perspective on the*top ten cybersecurity security threats for 2008.*
I reviewed many prior “top ten” threat lists and noticed most of them accidentally*confuse vulnerabilities and threats, listing vulnerabilities as threats.** In my review, I could not find any “top ten” threat lists which attempted to use, or follow,*the security professional’s textbook definition of threats.** Even the*2008 McAfee list makes this common mistake, listing Window’s Vista and VoIP as “threats” when, technically speaking, they are vulnerable systems (McAfee’s graph in their PDF has the caption “Windows Vulnerabilities” - this speaks for itself.)
My goal was not to create “yet another vulnerability list.”* Instead, my*objective was to create a top ten cybersecurity threat list which actually focuses on threats, not vulnerabilities.**Please feel free to comment, as there is certainly room for improvement.** Your comments are*very welcome*as we rapidly approach 2008.** Thanks!
Top Ten Cybersecurity Threats for 2008
** — Cyber masquerading to abuse, attack, blackmail, bully, extort, or molest.
** — Password*and identity theft*from phishing, spyware, malware and theft of hardware.
** — Criminal*use of botnets and botnet-like technologies.
** — Cyberbulling, cyberterrorism and other forms of electronic violence.
** — Subversion of democratic political processes.
** —*Criminal manipulation and subversion*of financial markets.
** —*Spying by governments, industry and criminals.
** —*Denial-of-service attacks.
** —*Sabotage, theft and other*attacks and*by disgruntled employees and insiders.
** —*Cyberspace vandalism.



Source...