There was less attention paid to Adobe Systems from a threat perspective in the first half of the year as cybercriminals turned their exploits against Java. The company had been implementing new defensive technologies to make it difficult for attackers to target its users. Its strategy of automating the patching process for its ubiquitous Flash Player, Adobe Reader and Acrobat software seemed to be paying off. The company also moved the architect of its product security transformation into the role of chief security officer. Adobe CSO Brad Arkin (pictured) told CRN he would pay attention to the company's overall security strategy and said the company would also step up its focus on cloud security.
Months later the massive Adobe security breach quickly deflated any gains the company had made. More than 35 million customer passwords were exposed as well as its product source code. Investigators are still determining the cause of the massive breach and the fallout is still unclear, said Wolfgang Kandek, chief technical officer at vulnerability management vendor Qualys.