2007 was a huge success for Marshal, from new security innovations and strategic partnerships to continued market growth. Expecting even greater accomplishments in 2008, we are busy developing the latest in email and Web gateway security and management solutions that will address the key security issues for 2008 and beyond.

We would like to share with you our insights and perspectives on how the market and the security threat landscape will look in 2008.

The following is a list of the top eight security issues and technology developments we expect to arise in 2008:

1. Continued growth and danger from spam

As volumes continue to swell, spam will remain the number one security issue impacting businesses in 2008. Spam will continue to include volumes of nuisance spam that advertise products such as Viagra, watches, software and pharmaceuticals. However, the complexity and malevolent nature of scam spam designed to steal money from users will become more pervasive in 2008. Phishing emails will become increasingly common and video spam will also surface as spammers look for new hooks to mislead users into downloading malicious code.

Of growing concern is the continued success of targeted threats. Spammers are increasingly launching more targeted attacks on business executives, such as C-level staff, that have privileged access to sensitive and valuable information about organizations and individuals. We expect spammers will increasingly use information acquired from social networking sites and data theft to launch more targeted and sophisticated scams in 2008.

2. Increased scale and sophistication from botnet attacks

Today, organized crime groups employ professional malware writers to help them create botnets (refer to Cybercriminals story). A handful of groups currently control the vast majority of the world's spam. They also initiate devastating 'denial of service' attacks and are reaping vast sums of money renting "airtime" on their botnets to other spammers.

We expect to see more, professional botnets with similar or even greater power than the Storm botnet. Late last year, we identified the "Celebrity Spam Gang" and found they are also responsible for generating up to 20 percent of the world's spam. We anticipate there will be more large-scale botnet activity from copycat gangs as well as a number of organized crime gangs over the coming 12 months.

3. More social networking and Web 2.0 scams

Increasingly, Web 2.0 sites such as Facebook, LinkedIn and YouTube will continue to be a big target for malware writers in 2008. User suspicion levels are lower when accessing familiar sites such as these and site members are more likely to open a message purporting to be from "friends", other members of these sites or from the site itself. All of these avenues have been observed sending unwanted email this year.

4. New security risks from virtualization

Virtualization is expected to grow rapidly over the next few years. According to a leading information technology research and advisory analyst, 70 percent of large organizations plan to use virtualization by 2010 to control costs and better use and manage resources. At present, there is little vulnerability known, but with the increasing reliance on virtualization, it is only a matter of time before attackers begin identifying vulnerabilities and targeting virtualized environments.

5. Focus on the risks of data leakage/mobility

Data leakage will remain a significant security issue in 2008. Although many vendors are claiming to incorporate data leakage capabilities into their gateway solutions. These capabilities are often limited and do not offer comprehensive inbound and outbound protection. This has led to many organizations becoming complacent about data leakage, believing they are adequately protected.

In addition, the growing number of mobile workers or 'Road Warriors' is leaving organizations even more exposed to unintentional data leakage and intentional data theft. Endpoint security is a growing requirement for many companies needing more control of end point devices and ports. Endpoint security solutions, such as Marshal EndPoint Security, should offer similar levels of granularity as secure email and Web gateway content filtering solutions.

6. Demand for more complex email security technology

Demand for more comprehensive and complex email content filtering solutions will increase in 2008. Organizations are subject to more regulations and controls than ever before. As a result, we are seeing more complex policy and consistent enforcement requirements from businesses. In response to this demand, we are pleased to announce the recent release of MailMarshal SMTP 6.4.

Demand for internal email protection will increase in 2008 as organizations become increasingly aware of the importance of monitoring and controlling inappropriate or malicious content sent via internal email. While there are a myriad of products that filter email content that enters and leaves an organization, there are very few that filter emails distributed within an organization. For more information on MailMarshal Exchange, click here.

7. Requirement for Web security beyond URL filtering and http

Many organizations cannot efficiently and proactively manage or filter content accessed via Web browsing in realtime. This inadequacy coupled with the increasing sophistication and capability of websites is causing a rapid rise in the number of attacks and security compromises caused by Web browsing. This trend will continue in 2008.

We anticipate organizations will get extremely serious about protecting this commonly used, and most often inadequately protected, door in and out of their networks, across protocols including http, https, instant messaging and peer-to-peer.

They will look for secure Web gateway solutions that extend beyond URL filtering to provide increasingly sophisticated Web access controls that prevent users from accessing inappropriate or malicious content - without compromising their Internet experience. They will require enhanced solutions that use multiple techniques to ensure the actual content being accessed is safe and suitable. The solutions required will also need to manage content that leaves the organization to prevent data leakage. For more information on WebMarshal 6.0, click here.

8. Convergence of diverse endpoint security solutions

EndPoint security will be another focus for innovation towards the end of 2008 and into 2009. There are currently two groups that offer endpoint security solutions. On one side, traditional anti-virus endpoint solutions are focused around preventing the spread of malware and managing intrusion prevention. On the other side, niche endpoint solutions focus around device and port control, typically for data leakage prevention. These two options will eventually integrate and converge with the leading vendors extending further with deep content inspection capability.

In summary, 2008 promises to be a busy year of product innovation for Marshal. It will also be a busy year for spammers and cybercriminals. If you would like to learn more about the security landscape in 2008 and how your organization can stay steps ahead, we invite you to contact one of our Marshal security experts.

Yours sincerely,

Ed Macnair
Chief Executive Officer
Marshal