Hot topics for 2010 - discuss!

I've just been asked for my "hot topics" in infosecurity for 2010, so I thought it would be interesting to throw these out at you and see what you think, so here goes:

1. Security awareness
It's increasingly obvious that technical controls alone are not providing organisations with the security they need. Staff education and awareness, delivered in a creative and imaginative way, is critical to managing information security in 2010.

2. Cloud computing
Few organisations are giving serious consideration to the security risks inherent in the cloud computing model. Whilst day-to-day operations can be outsourced in this way, the responsibility for security cannot. A combination of technical, legal and audit skills are required to ensure the security of data in the cloud.

3. Defense against cybercrime
Organisations continue to underestimate the devious nature of cyber criminals and have little or no commitment to "thinking like a hacker". This mind set is critical in order to apply budget and resources to the areas where criminals are most likely to attack and to counter their methods effectively.

Opinions anyone?

Global crime networks

Today I was sent a link to an excellent video of journalist Misha Glenny, who spent several years investigating organized crime networks worldwide. If you watch one security-related video this week, this should be it!

Fame at last

OK - it had to happen, someone finally posted a video interview of me to YouTube. It's all about blended attacks and was recorded at the Combating Cybercrime in Betting & Gaming conference in January this year. I'm quite pleased with the interview, but I hate to imagine what the YouTube viewers are going to say! :-)