The Skinny blog is written by Rick Smith, editor and co-founder of WRAL Tech Wire and business editor of WRAL.com.

RESEARCH TRIANGLE PARK, N.C. – “Cloud computing” and social media sites are the emerging target-rich environments for hackers, says IBM in its new X-Force trends and risk report.

Think “cloud computing” is automatically safe for your company’s data?

Think your personal information can’t be hacked at social media sites?

You’re wrong. While spam and other security threats are declining, hackers are looking for new targets of opportunity, and the “cloud” as well as social media are now on the radar screens.

And as the world goes mobile, don’t think hackers aren’t too.

While spam and other security threats are declining, hackers are looking for new targets of opportunity.

Enterprises have raced like lemmings over a cliff into cloud computing in bids to save money on hardware and IT support.

A great example of the trend is that hilarious CDW ad featuring NBA great Charles Barkley whose new office “looks like a basketball court.” It’s a huge room that once served as a data center packed with servers. Everything’s been moved to the cloud. So Charles then asks what’s a cloud?

The next question ought to be: Is it safe?

A secure cloud is what clients need to be looking for, says the X-Force team, whose business it is to track and combat the latest Internet, mobile, web and other cyber threats.

“Many cloud customers using a service worry about the security of the technology,” Ryan Berg, an IBM Security Cloud Strategist, says in the report. “Depending upon the type of cloud deployment, most, if not all, of the technology is outside of the customer’s control,” said Ryan Berg, IBM Security Cloud Strategist. “They should focus on information security requirements of the data destined for the cloud, and through due diligence, make certain their cloud provider has the capability to adequately secure the workload.”

A secure cloud is what clients need to be looking for, says the X-Force team, whose business it is to track and combat the latest Internet, mobile, web and other cyber threats.

As for social media, anyone who is gullible enough to believe online is safe probably deserves to be hacked. Some people are so paranoid that they won’t even use their PIN numbers for debit cards any more. They just hit the “credit” button, worried that someone nearby is recording their password. So why should social media sites be safe?

And let’s not forget mobile. More on that from IBM as it describes the biggest emerging threats:

Publicly released mobile exploits rise 19 percent in 2011 – “This year’s IBM X-Force report focused on a number of emerging trends and best practices to manage the growing trend of ‘Bring your Own Device,’ or BYOD, in the enterprise. IBM X-Force reported a 19 percent increase over the prior year in the number of exploits publicly released that can be used to target mobile devices. There are many mobile devices in consumers’ hands that have unpatched vulnerabilities to publicly released exploits, creating an opportunity for attackers. IT managers should be prepared to address this growing risk.”

BYOD should read BYOH as “bring your own hangover.”

Attacks increasingly relate to social media – “With the widespread adoption of social media platforms and social technologies, this area has become a target of attacker activity. IBM X-Force observed a surge in phishing emails impersonating social media sites. More sophisticated attackers have also taken notice. The amount of information people are offering in social networks about their personal and professional lives has begun to play a role in pre-attack intelligence gathering for the infiltration of public and private sector computing networks.”

So what’s one to do? Privacy is best policy.

• Cloud computing presents new challenges – “Cloud computing is moving rapidly from emerging to mainstream technology, and rapid growth is anticipated through the end of 2013. In 2011, there were many high profile cloud breaches affecting well-known organizations and large populations of their customers. IT security staff should carefully consider which workloads are sent to third-party cloud providers and what should be kept in-house due to the sensitivity of data. Cloud security requires foresight on the part of the customer as well as flexibility and skills on the part of the cloud provider. The IBM X-Force report notes that the most effective means for managing security in the cloud may be through Service Level Agreements (SLAs) because of the limited impact that an organization can realistically exercise over the cloud computing service. Therefore, careful consideration should be given to ownership, access management, governance and termination when crafting SLAs. The IBM X-Force report encourages cloud customers to take a lifecycle view of the cloud deployment and fully consider the impact to their overall information security posture.”

Amen, brother.

 Read the full report here.