The predictions for 2008's risk trends are out. Symantec says the number one risk for 2008 will be data breaches. Data breaches cost companies an average of $4.7 million per incident and that cost will only rise with time.

"Data breaches are indicative of an underlying trend: a movement away from hobbyist attacks... to targeted financially motivated attacks," said Amrit Williams, CTO of enterprise security company BigFix and a former IT security analyst for Gartner. "When you have a motivation that's driven by financial gain, the goal is to be quiet. You don't want to be seen. What the attackers are after is not to bring systems down. They're after the information itself."

Surprisingly, spam reached only number 3 on the list, behind data breaches and Windows Vista, which like the Windows OS's before it, is constantly being patched. The other trends that made the list include botnets, phishing, web plug in vulnerabilities, and virtual machine security.
Meanwhile McAfee released its only list of risk trends, which in addition to the trends on Symantec's list added gaming, Web 2.0 and parasitic crimeware attacks, which they predict will rise 20% from this year:

2007 saw several notable examples: Almanahe, Grum, and Virut. A parasitic virus called Fujack has spawned some 400 variants while parasitic virus called Philis, first spotted in 2004, has seen a resurgence.
Parasitic crimeware writes data into existing files rather than installing separate files. This makes it potentially more difficult to remove, if the malware author chose to overwrite necessary code. While this is an old technique, it hasn't been used much recently and that as a consequence, many of the newer anti-virus programs aren't adept at dealing with this tactic.

Check out both reports over at InformationWeek and prepare yourself and your company!