Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News

10/30/2015
11:30 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

European IT Pros Survey: US Companies Dont Adequately Protect User Data from Government Surveillance

VMworld Europe Attendees Predict that the U.K. will Continue to Suffer More Data Breaches than any other European Country in 2016

Washington, D.C.October 21, 2015 – Thycotic, a provider of smart and effective privileged account management solutions for global organizations, today announced the results of a survey of over 100 VMworld Europe 2015 attendees conducted between October 5th and 15th in Barcelona, Spain. One of the key themes that emerged in Barcelona is that IT security has become a growing headache for organizations because modern IT infrastructure, increasingly virtualized, has not been "fundamentally architected for security."

Thycotic’s survey findings support that assessment. In general, attendees feel that US companies still have much work to do in order to protect user data from government surveillance and that the United Kingdom will continue to be a high value target for hackers. The VMworld Europe survey found that the vast majority of those surveyed, 86%, believed that US companies do not adequately protect user data from government surveillance. Further, when asked which European country was most likely to suffer the greatest number of data breaches in 2016, U.K. topped the list.

Security concerns were especially relevant for those engaged with maintaining or securing virtualized infrastructure. When asked if VMware ESXi has sufficient security tools in place to adequately secure virtualized systems, the majority, 62%, said it did not. This is especially concerning, since the vast majority of these same respondents, 69%, indicated that more than 50% of their organizations’ infrastructure environments are virtualized. 

“Our findings demonstrate that the industry still has a long way to go when it comes to protecting valuable assets in virtualized environments,” said Jonathan Cogley, founder and CTO of Thycotic. “Privileged account credentials represent high value targets for hackers, and, increasingly, those credentials are specifically being targeted in sophisticated attacks. Organizations in Europe and the US would be well-served to review and evaluate current methods of protecting and maintaining those credentials in virtualized environments.”

VMworld Europe, a gathering of thought leaders, SMEs and IT professionals, is focused on the latest advancements in virtualization and cloud technology. This year’s event focused specifically on virtualization innovations in the data center and how they will impact security, storage, and networking.

Attendees at VMworld are often responsible for controlling and monitoring thousands of administrative passwords across numerous endpoints and geographic locations. An enterprise privileged account management system that can quickly and easily scale makes organizations less vulnerable to a breach and better-equipped to quickly stop privilege escalation when an attack occurs.

 

About Thycotic

Thycotic, a global leader in next-generation IT security solutions, delivers an indispensable, comprehensive Privileged Account Management (PAM) solution to protect your "keys to the kingdom" from cyber-attacks and insider threats. Unlike any other security offering, Thycotic Secret Server assures the protection of privileged accounts while being the fastest to deploy, easiest to use, scalable enterprise-class solution offered at a competitive price. Already securing privileged account access for more than 3,500 organizations worldwide, including Fortune 500 enterprises, Thycotic Secret Server is simply your best value for PAM protection. For more information, please visit www.thycotic.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
FluBot Malware's Rapid Spread May Soon Hit US Phones
Kelly Sheridan, Staff Editor, Dark Reading,  4/28/2021
Slideshows
7 Modern-Day Cybersecurity Realities
Steve Zurier, Contributing Writer,  4/30/2021
Commentary
How to Secure Employees' Home Wi-Fi Networks
Bert Kashyap, CEO and Co-Founder at SecureW2,  4/28/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-31755
PUBLISHED: 2021-05-07
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /goform/setmac allows attackers to execute arbitrary code on the system via a crafted post request.
CVE-2021-31756
PUBLISHED: 2021-05-07
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /gofrom/setwanType allows attackers to execute arbitrary code on the system via a crafted post request. This occurs when input vector controlled by malicious attack get copie...
CVE-2021-31757
PUBLISHED: 2021-05-07
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /goform/setVLAN allows attackers to execute arbitrary code on the system via a crafted post request.
CVE-2021-31758
PUBLISHED: 2021-05-07
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /goform/setportList allows attackers to execute arbitrary code on the system via a crafted post request.
CVE-2021-31458
PUBLISHED: 2021-05-07
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handlin...