Good news or is it?

By Kevin Coleman -- Defense Tech cyberwarfare correspondent

The cyber threat environment continues to evolve. The sophistication and complexity of the threats continue to surprise those who monitor this threat closely. However, there may be some good news, or is there? Multiple reports have been issued that show a slowdown in malware growth. First off, there are reports of 25 million strains of new malware being introduced in 2009. Malware’s average annual growth rate of nearly 100% dramatically dropped in 2010 with an estimated 28 to 30 million new strains being released.

One of the main reasons for the slowdown is the transition to Windows 7. History has shown us that when a new operating system is introduced, malware developers take a little over a year to learn the operating system, identify undisclosed vulnerabilities and produce malware. Analysis indicates 2010 began that transition. That means that in 2011 we will see the onset of malware addressing the Windows 7 operating system. The response will be the same as with every other cyber threat introduced to a new operating system. We will wait and see what vulnerabilities the new malware targets and create signatures that identify similar strains of the malware and put it in our security software. We repeat that process every single time a new piece of malware is discovered.

Albert Einstein once said the definition of insanity is doing the same thing over and over again and expecting different results. We keep addressing security in the same way year after year and we get the same results, but expect our ability to defend against malware and hacking to improve. It is far past time we take a new and innovative approach to protecting our information assets.  However, the recession and slow economic growth caused many organizations to reduce funding for research and development as well as product enhancement. In the past few years we lost ground when it comes to overall cyber defense.