"That means security should plan on losing at least 5 percent of mobile assets, especially in a BYOD environment, and they need to have a plan in place for that. The CSO needs to recognize this is GOING to happen and have procedures and policies in place for before, during and after. This is an irreversible mega trend."
Politically motivated attacks
"Summer was once a typically quiet time because criminals were on vacation, too," said Wisniewski. "But that's changed in the last few years because of Anonymous and Lulzsec and the kinds of politically-motivated attacks they are usually behind."
Wisniewski notes the so-called "hacktivists" have been known to favor long weekends, holiday breaks and quiet summer days because they know there are fewer people keeping guard.
Summer means it's security conference season, including hacker conferences such as DefCon and Black Hat, both taking place in July.
"There are usually disclosures there around new vulnerabilities and that creates opportunities for people to try and exploit those vulnerabilities before companies can address them."
Wisniewski referenced a Black Hat event three years ago when security researcher Moxie Marlinspike showed a way of intercepting SSL traffic using what he called a null-termination certificate.
"Because of the press and the bit of showmanship around these conferences, there is usually a wave of people experimenting with the issues that are disclosed at these events."