POST FALLS, Idaho – Social networking sites like Twitter, LinkedIn, Facebook and MySpace will pose one of the biggest threats in 2010, according to TriGeo Network Security, a provider of security information and event management technology for midmarket enterprises.
“Employees tweeting and chatting online are inadvertently handing hackers the ‘inside’ information that they need to quickly and easily penetrate corporate networks,” said Michelle Dickman, president and CEO of TriGeo Network Security. “Companies only have two options: block access to social networking sites completely, or enforce strict policies to avoid becoming the next victim of a significant data breach.”
TriGeo also thinks there will be fewer breaches in 2010, but these will yield record-breaking losses. According to the Identity Theft Resource Center, the number of data breaches in 2009 is on track to drop by nearly 50 percent when compared with 2008. That’s good news, but the bad news is that the impact of those breaches was far greater than ever before – with more than 220 million records exposed. This trend will continue, with more records exposed in 2010 than any year prior.
Two more American states will pass data breach laws. With the Obama administration clearly focused on cyber security, at least two more states will join Massachusetts and Nevada. New state-wide laws will be passed mandating that companies comply with specific data breach reporting regulations – creating new challenges for many mid-tier businesses.
Retailers will be the No. 1 target for attacks in 2010. As the economy continues to rebound and spending increases, retailers will again be the top target for data theft. Look for at least one major retailer to fall victim to a security breach that exceeds the losses faced by TJX, and for midmarket retail attacks to double as this lucrative trend gains popularity among attackers.
Increased vigilance from auditors. In 2010, the “checkbox” approach to compliance and security will no longer suffice – especially in the ‘highly-targeted’ midmarket. In the aftermath of Heartland Payment Systems – which exposed more than 130 million credit card records – compliance regulations will be refined and reinforced with greater specificity and steeper consequences. Auditors will demand deeper demonstration of security process, risk assessment, penetration testing, employee training and policy verification and enforcement through real-time analysis and incident response.
“Now’s the time to plug the holes and prepare for stricter regulations,” said Dickman. “If you think your corporate network sits safely behind layers of impenetrable defenses, you’re in for a rude awakening in the year ahead.”
This column was written by Mark Cox of ConnectIT, an IntegratedMar Company.





