Internal threats are still the worst threats, survey finds
Internal threats are the biggest security risk for firms, according to a recent survey of law enforcers, government officials and industry experts published by web security firm WebSense.
In the survey, conducted at last month’s e-Crime Congress in London, nearly half of respondents said internal threats from employees, whether deliberate or accidental, were a bigger problem than external threats such as hackers or organised crime.
The increase in sophisticated social engineering attacks and of staff using mobile systems is exposing more companies to risk, according to WebSense’s international product manager, Ross Paul.
“This research highlights the need for companies to use automated solutions, giving them more insight into what their employees are doing and what threats they can be exposed to,” Paul commented. “They also need to extend security measures to handheld devices as people begin to use them for more than voice and email. An in-depth, multi-layered approach to security is necessary today.”
In the survey, three-quarters of respondents said that the board should be held responsible for any security breaches, although 90 percent said the IT department was the biggest factor in ensuring security is not compromised.
Paul added that regulations such as Sarbanes-Oxley and Basel II are forcing board members to become more aware of IT security issues. “These [survey results] should send a message to the board that IT departments need to be provided with the resources to enable the new layers of protection that their firms need,” said Paul.
Internal threats are the biggest security risk for firms, according to a recent survey of law enforcers, government officials and industry experts published by web security firm WebSense.
In the survey, conducted at last month’s e-Crime Congress in London, nearly half of respondents said internal threats from employees, whether deliberate or accidental, were a bigger problem than external threats such as hackers or organised crime.
The increase in sophisticated social engineering attacks and of staff using mobile systems is exposing more companies to risk, according to WebSense’s international product manager, Ross Paul.
“This research highlights the need for companies to use automated solutions, giving them more insight into what their employees are doing and what threats they can be exposed to,” Paul commented. “They also need to extend security measures to handheld devices as people begin to use them for more than voice and email. An in-depth, multi-layered approach to security is necessary today.”
In the survey, three-quarters of respondents said that the board should be held responsible for any security breaches, although 90 percent said the IT department was the biggest factor in ensuring security is not compromised.
Paul added that regulations such as Sarbanes-Oxley and Basel II are forcing board members to become more aware of IT security issues. “These [survey results] should send a message to the board that IT departments need to be provided with the resources to enable the new layers of protection that their firms need,” said Paul.
Share this page
Email this page
Back to Top
Home
Edit Post
0 comments: