Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

ABTV

7/11/2017
08:30 AM
Curtis Franklin
Curtis Franklin
Curt Franklin
50%
50%

HONEST Results: What Keeps You Up at Night?

What security issues are Security Now community members afraid of? Our poll tells the tale of the terror.

Creaky doors. Shadowy figures moving in the corners of the room. Objects that move of their own volition. And, scariest of all… a user with the password, "password." These are just a few things that might keep security professionals on edge. But what is it that most haunts the waking fever-dreams of the IT community?

That's the question we asked our community and the answers came back with few surprises and lots of emphasis: It seems that, on the whole, we're afraid about pretty much everything. Given the news cycle of the last 60 days, all of this makes sense. By a clear plurality, "I'm afraid of pretty much everything" was the leading response, with over one third of the community choosing the way of all fears.

As before, we recognize the limitations of our methods. We understand that the polls we conduct here on our pages aren't going to fuel academic research. That's why it's important that we properly label the conclusions. I think it's accurate to call them a Highly Opinionated, Not Especially Scientific Tally -- or, as I like to think of them: HONEST results.

On the other end of the scare spectrum, "What, me worry?" was the response getting the least love, with only 7% of the community members admitting that they lead lives of blissful unconcern. Perhaps the most interesting result of the survey was that insider threats led criminal and nation-state hackers for second place in the worry derby. "Keep your friends close and your enemies closer," seems advice that companies have taken to heart, if the concerns of the Security Now community are any indication.

Do you agree with the community? Is the hive mind off-base? Let us know in the comments section, below, the things that keep you awake at night. And head over to the new Security Now poll -- the wisdom of the crowd is what keeps things interesting around here.

Related posts:

— Curtis Franklin is the editor of SecurityNow.com. Follow him on Twitter @kg4gwa.

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-12512
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated reflected POST Cross-Site Scripting
CVE-2020-12513
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated blind OS Command Injection.
CVE-2020-12514
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a NULL Pointer Dereference that leads to a DoS in discoveryd
CVE-2020-12525
PUBLISHED: 2021-01-22
M&M Software fdtCONTAINER Component in versions below 3.5.20304.x and between 3.6 and 3.6.20304.x is vulnerable to deserialization of untrusted data in its project storage.
CVE-2020-12511
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a Cross-Site Request Forgery (CSRF) in the web interface.