There's a four-letter word IT pros know all too well: risk.

In 2007, IT executives will need to clearly evaluate risk as they weigh sometimes opposing proposals to bolster security, increase wireless connectivity, extend more business processes over the Internet and address regulatory requirements.

In the end it's a balancing act. To help tip the scales in your favor, we've put together a preview of what the year ahead holds in key technology areas.

For starters, security will be no less challenging in 2007 than last year, when plagues of bots, spam and phishing attacks threatened corporate environs. This year, in addition to generic phishing, enterprises will have to contend with custom Trojans and spear-phishing, aimed at specific individuals or corporations.

"The year 2007 is going to be the year of the custom-Trojan attacks," says Richard Stiennon, chief marketing officer at Fortinet. "These Trojans, which will be targeted at the help desk at a bank, for instance, will avoid being detected by the signature base. Traditional antivirus signatures will be increasingly futile."

"Malicious code won't go away, but attackers will shift their attention to social-based engineering attacks," predicts Oliver Friedrichs, director of emerging technologies at Symantec's Security Response division. This means using every trick in the book to fool a victim into thinking an attacker is a trusted source.

If that's not enough, some say the adoption of VoIP technology, which is subject to denial-of-service and stolen capacity, may lead to disruptions in traditional circuit-switched telephony as well.

"More trouble is yet to come in VoIP, and hackers are going to gain complete control over your VoIP network," says Rohit Dhamankar, senior security manager at 3Com.

Because VoIP servers "are interfacing with traditional ‘old phone' networks," he points out, hackers are likely to launch attacks through VoIP that will seriously affect the telecom infrastructure, such as Signaling System 7 for call setup. The result: downtime and criminal exploitation of the circuit-switched phone system through VoIP.

Other trends, says Friedrichs, can be traced to Web 2.0 technologies, such as AJAX, which support very flexible access to server resources behind the corporate firewall. This very flexibility appears likely to facilitate a new genre of exploits that will be difficult to detect and analyze, he notes.

Meanwhile, with Microsoft's Vista was expected to begin to gain a footprint in the enterprise and on consumer desktops in 2007, all eyes will be watching how well it holds up without patching. So far, some are at least optimistic. "Microsoft has made significant improvements in the core operating system," Friedrichs says.

Whitepapers

• The Trend from UNIX to Linux in SAP(r) Data Centers
• Secure Wireless Printing Options
• Network-Wide Change Management Visibility with Route Analytics
• Getting in Compliance With Government Data Regulations By Leveraging Online Security Technology
• How to Offer the Strongest SSL Encryption
• Maximizing Site Visitor Trust Using Extended Validation SSL

View more NETWORK MANAGEMENT whitepapers

Webcasts

• Managing the End User Experience-A Real World Example of Success
• Branch Office Trends and Best Practices
• Correlating granular network and application visibility
• Migrating to an MPLS-Based Network
• Round Table Webcast with Forrester Research
• Best Practices for Deploying WAN Optimization for Disaster Recovery

View more NETWORK MANAGEMENT webcasts

Special Reports

• WAN Optimization: The Ultimate No Brainer
• Ehternet Services: WAN options mature
• Keeping Spam at Bay
• Network World Executive Guide: The Virtualization Equation
• Application Performance Management Executive Guide
• Executive Guide: Building a Service Oriented Architecture

View more NETWORK MANAGEMENT special reports