Although vendor-written, this contributed piece does not advocate a position that is particular to the author's employer and has been edited and approved by Network World editors.
Everyone will agree that 2011 was a busy year in the field of data security, so as the year draws to a close it seems appropriate to begin the process of distilling our experiences into "lessons learned" that we can take into 2012.
Of course, there isn't room here to conduct a thorough examination of every significant event. Listing only the largest and most publicized events runs the risk of burying some of the more interesting items. So events are selected according to a combination of magnitude and ability to inform our thinking going forward.
In March we learned that the Comodo Certificate Authority had been compromised via one of its small regional resellers and tricked into issuing fraudulent certificates for a variety of high-profile websites such as Google. An independent Iranian hacker claimed responsibility.