From SCADA to Sony, RSA, Comodo, and Diginotar, to hacktivism and WikiLeaks, 2011 was arguably the most unusual and unexpected year in the history of IT security. So what does 2012 have in store for us? With an influx of bring your own devices (BYOD) and mobility, social media exploding, cloud computing knocking, and other operational challenges thrown in for good measure, if 2011 was the shocker, then 2012 is likely to be the kitchen sink of security concerns. We got the Websense® Security Labs™ researchers together to brainstorm, whiteboard, and vote. The result is our list of events likely to be among those that drive your life—and ours—in 2012.

1. Your social media identity may prove more valuable to cybercriminals than your credit cards. Bad guys will actively buy and sell social
media credentials in online forums. Spammers have been buying parcels of email credentials for a couple years now. We’ve seen carder sites where criminals can buy and sell your credit card information for pennies on the dollar. Want a South African issued card with a $25,000 limit with the user’s PIN? How about one from the U.S. issued by a bank in the Northeast along with the user’s social security number? Old news. Today, your social identity may have greater value to the bad guys. Facebook has more than 800 million active users, and over half of them log on daily and they have an average of 130 friends. Trust is the basis of social networking, so if a bad guy compromises your social media logins, there is a good chance they can manipulate your friends. Which leads us to prediction #2.