September 22, 2008
Many companies believe their data is at risk because they can't stop employees from using unauthorized Web services and applications, according to a study published today.
Three out of 10 organizations report that their business' Web security has been compromised by employees' use of personal Webmail accounts, social networking sites, and online video, according to Webroot, the security software vendor that conducted the research.
More than a third of respondents estimate that employees spend more than an hour a day on non-work-related sites, according to the study. Only 15 percent of the 648 companies surveyed gave their enforcement of Internet usage policies an "A" on a conventional "report card" grading scale.
"Businesses are taking measures to protect against email-based threats, but they are not yet attuned to the greatest threat vector today: Web-based threats driven by employee Web use," says Mike Irwin, COO of Webroot. "We found that Web-borne malware increased over 500 percent in 2007, as cybercriminals developed new ways to attack on-site and remote employees through personal Web mail accounts, social networking sites and other Web 2.0 applications."
One out of four businesses reported that a Web-based threat had compromised their confidential information, threatened online transactions, or caused a Web server outage. Yet nearly 30 percent of those surveyed said they did not know whether their organization or its employees are using Web 2.0 applications.
— Tim Wilson, Site Editor, Dark Reading
Read more about:2008
About the Author(s)
You May Also Like
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
Passwords Are Passe: Next Gen Authentication Addresses Today's Threats
What Ransomware Groups Look for in Enterprise Victims
How to Use Threat Intelligence to Mitigate Third-Party Risk
Concerns Mount Over Ransomware, Zero-Day Bugs, and AI-Enabled Malware
Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks
9 Traits You Need to Succeed as a Cybersecurity Leader
The Ultimate Guide to the CISSP
The Burnout Breach: How employee burnout is emerging as the next frontier in cybersecurity
Modernize your Security Operations with Human-Machine Intelligence
Selling Breaches: The Transfer of Enterprise Network Access on Criminal Forums