Endpoint

4/26/2018
12:45 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

70% of Security Pros Think Governments Should Regulate Social Media Data Collection: Venafi Survey

Meanwhile, 72 percent say government officials do not have a good understanding of threats impacting digital privacy.

SALT LAKE CITY – April 26, 2018 – Venafi®, the leading provider of machine identity protection, today announced the results of a survey querying 512 security professionals attending RSA Conference 2018. The survey evaluated opinions on the intersection of cyber security, privacy threats and government regulation.

According to the survey, 70 percent of respondents say governments should regulate the collection of personal data by social media companies to protect user privacy. However, 72 percent believe their government officials do not have a good understanding of the threats impacting digital privacy.

“These results are disturbing,” said Kevin Bocek, vice president of security strategy and threat intelligence at Venafi. “While security professionals agree that government officials do not understand the nuances of social media and digital privacy, they’re still looking to them to regulate the technology that permeates our daily lives.”

In addition, 74 percent of the respondents said government officials do not have a good understanding of the current cyber threat landscape. Despite their lack of confidence, nearly half (45 percent) believe governments should be able to impose encryption backdoors on private companies.

Bocek added: "It’s disheartening that so many security professionals think encryption backdoors will somehow make us safer. There is no question that they will undermine our global economy and make digital communication much more vulnerable. Any backdoor will be extremely lucrative, so cyber criminals will spend an enormous amount of effort to steal one. And once a backdoor is leaked it’s certain to be available to the highest bidders on the dark web.”

For more information: 
https://www.venafi.com/blog/rsa-survey-should-governments-regulate-social-media-data-collection

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Microsoft President: Governments Must Cooperate on Cybersecurity
Kelly Sheridan, Staff Editor, Dark Reading,  11/8/2018
Why the CISSP Remains Relevant to Cybersecurity After 28 Years
Steven Paul Romero, SANS Instructor and Sr. SCADA Network Engineer, Chevron,  11/6/2018
5 Reasons Why Threat Intelligence Doesn't Work
Jonathan Zhang, CEO/Founder of WhoisXML API and TIP,  11/7/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Online Malware and Threats: A Profile of Today's Security Posture
Online Malware and Threats: A Profile of Today's Security Posture
This report offers insight on how security professionals plan to invest in cybersecurity, and how they are prioritizing their resources. Find out what your peers have planned today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-1786
PUBLISHED: 2018-11-12
IBM Spectrum Protect 7.1 and 8.1 dsmc and dsmcad processes incorrectly accumulate TCP/IP sockets in a CLOSE_WAIT state. This can cause TCP/IP resource leakage and may result in a denial of service. IBM X-Force ID: 148871.
CVE-2018-1798
PUBLISHED: 2018-11-12
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force...
CVE-2018-1884
PUBLISHED: 2018-11-12
IBM Case Manager 5.2.0.0, 5.2.0.4, 5.2.1.0, 5.2.1.7, 5.3.0.0, and 5.3.3.0 is vulnerabile to a "zip slip" vulnerability which could allow a remote attacker to execute code using directory traversal techniques. IBM X-Force ID: 151970.
CVE-2018-19203
PUBLISHED: 2018-11-12
PRTG Network Monitor before 18.2.41.1652 allows remote unauthenticated attackers to terminate the PRTG Core Server Service via a special HTTP request.
CVE-2018-19204
PUBLISHED: 2018-11-12
PRTG Network Monitor before 18.3.44.2054 allows a remote authenticated attacker (with read-write privileges) to execute arbitrary code and OS commands with system privileges. When creating an HTTP Advanced Sensor, the user's input in the POST parameter 'proxyport_' is mishandled. The attacker can cr...