Predictions for 2011

The annual scoring exercise. The 2010 predictions get explicit review; new predictions for 2011 are made.

2010 predictions, scored

Summary review (full version in the year-in-review post):

  • 13 affirmatives, 1 partial, 0 clear misses.

Calibration is reasonable. The cumulative archive across multiple years supports later meta-analysis.

2011 predictions

For the year ahead, with explicit probabilities and deadlines.

Threat-side

1. Continued APT-style activity, with at least one major UK organisation publicly disclosing. 80%, 31 December 2011.

2. Continued Stuxnet-style ICS-malware development. 75%, 31 December 2011.

3. At least one major data-breach disclosure with substantial UK consumer impact. 85%, 31 December 2011.

4. Continued mass-mailing and bot-driven activity at sustained volume. 95%, 31 December 2011.

5. Continued politically-motivated DDoS following the Anonymous pattern. 90%, 31 December 2011.

6. Substantial mobile-platform malware emergence. 80%, 31 December 2011. iPhone and Android exposure continues to grow.

7. Continued web-application worm and SQL-injection activity. 85%, 31 December 2011.

8. A specific high-profile UK retail-banking phishing incident. 75%, 31 December 2011.

Defensive-side

9. Continued Microsoft platform security investment. 90%, 31 December 2011.

10. Continued two-factor authentication deployment expansion. 85%, 31 December 2011.

11. ICS-security investment by major industrial operators. 75%, 31 December 2011.

12. Continued takedown operations against major bot infrastructure. 85%, 31 December 2011.

Structural

13. Continued data-breach disclosure expansion across regulatory frameworks. 85%, 31 December 2011.

14. Specific UK regulatory tightening on data protection. 65%, 31 December 2011.

15. International policy conversations about state-grade cyber operations. 85%, 31 December 2011.

Personal — Hedgehog

16. Continued Hedgehog client growth. 80%, 31 December 2011.

17. Decisions about scaling Hedgehog (employees, partnerships). 70%, 31 December 2011.

18. Continued Northcott and Towry Law secondments. 85%, 31 December 2011.

19. Additional secondment relationships. 60%, 31 December 2011. Browne Jacobson conversations are emerging.

Personal — broader

20. Continue weekly cadence on the notebook. 95%, 31 December 2011.

21. Speak at Infosec Europe 2011. 80%, 31 December 2011.

22. Attend at least four conferences. 80%, 31 December 2011.

23. A substantial writing project. 55%, 31 December 2011.

A meta-prediction

24. By end of 2011 I will have thirteen full years of prediction-scoring data. 95%.

A specific note on the Hedgehog scaling prediction

For 2011, decisions about Hedgehog scaling are operationally pressing. Client demand exceeds solo capacity for sustained periods; capacity expansion through employees, sub-contractors, or partnerships will follow.

The 70% probability reflects realistic uncertainty about timing and approach. Decisions made through 2011 will inform the practice's longer-term structure.

A closing reflection

The calibration discipline continues across years. The cumulative archive supports both individual practice and broader community contribution.

For my continued practice: the discipline continues. The cumulative archive continues growing.

More in 2011.

