"Our Black Hat survey is a valuable tool that creates awareness of the most pressing security and compliance problems that organizations of all types face today," said Paul Smith, CEO of PacketMotion. "The results can be helpful to user organizations, enabling them to find out how others in their market rank various threats and what new threats may be emerging. Some organizations may even find the results provide a checklist for ensuring their security and compliance initiatives are meeting their needs and challenges."
The PacketMotion Black Hat survey asked one hundred participants in five markets -- enterprise, government, non-profit, security, and other -- about the about most serious threats and challenges they see in the areas of security and compliance.
When it comes to the enterprise computing environment, the majority of participants named employees as the greatest security threat. Not surprisingly, privileged administrators were voted the second-greatest threat overall. However, different markets have different perspectives; enterprises and non-profits had a greater concern about hackers and cybercriminals. Government agencies, on the other hand, are more worried about security issues associated with third parties and contractors.
Industry regulations also present challenges to security. The PCI Data Security Standard (DSS) was named the biggest regulatory challenge overall, particularly by respondents in the enterprise and other categories. Surprisingly, not a single non-profit respondent mentioned PCI DSS, despite the fact that non-profits retain credit-card information. National Institute of Standards & Technology (NIST) standards were voted the second biggest challenge overall, with government respondents ranking it first.
While it can be difficult to achieve security, survey participants generally agreed that achieving compliance is equally tough. Those in the government and non-profit sectors, however, ranked security as being more difficult to achieve.
But one security issue above all others worried respondents; 62 percent believe that foreign, government-backed spies could infiltrate their organization, breach their security measures and steal corporate information. Only enterprises were generally optimistic that they are not espionage targets. The great majority of security experts placed the China/Asia region at the top of the list of likely suspects. Interestingly, only respondents in the security industry ranked Russia/Eastern Europe as equal with China/Asia in terms of the threat they pose.