By Jim Reavis

I would like to wish all security practitioners a happy holiday season and my hopes for a prosperous new year.  Let me share some random wishes I have for headlines I would like to see in the coming year:

• That the Russian Business Network will find fewer safe places to operate on the Internet and that supporting governments will see some negative consequences for their complicity.
• That we will get an accurate measurement of the cost of click fraud rounded to the nearest billion and that Google will place a firewall between the content network and the advertisement placement network to protect the integrity of both.
• That 2008 will be the year we all encrypted sensitive data at rest.
• That my teenage sons develop a business plan that pays them richly for all the time spent playing World of Warcraft and Guitar Heroes instead of doing their homework and chores.
• That security practitioners will understand that merely doing your job is no longer sufficient and that we all must reach out to our communities and industries on a volunteer basis and take ownership of our shared responsibility.  Here’s to healthy chapters of the ISSA, ISACA, Infragard, ASIS et al.
• That application developers validate their input.
• That strong authentication will be offered by all businesses that I conduct financial transactions with over the Internet.
• That US regulatory bodies and IT auditors give ISO 27001 a big bear hug and use this certification as the best practices gold standard for security compliance.
• That companies that outsource software development make automated security testing with popular tools a minimum acceptance requirement for the delivered code.
• That industry consolidation cuts in half the number of social networks I must participate in so I don’t offend that industry professional I met once three years ago and wants to connect.
• That we quarantine parts of the Internet so unhealthy that little good comes from those IP addresses (even if we hurt a few innocent people).
• That whomever the people elect as the new U.S. president knows what a botnet is.

Thank you for indulging me and my wishes, let’s work together to make 2008 a secure and successful year.