Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

3/18/2010
11:10 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

RSA Survey: Spring Break Punches Holes In Security

Survey revealed that 32 percent of enterprises are receiving marginal to failing grades when it comes to adequately detecting, tracking, and reporting network activity and user access behavior

SAN JOSE, CA — March 18, 2010 — PacketMotion today announced the results of a survey conducted during RSA Conference 2010. The survey revealed that 32 percent of enterprises are receiving marginal to failing grades when it comes to adequately detecting, tracking and reporting network activity and user access behavior during spring break and other holiday periods. During spring break, remote and mobile access will increase because employees will check email while out of the office and log onto corporate networks to work on projects and access files. The survey asked 100 information security practitioners to grade themselves on their ability to detect, track and report remote and mobile user network activity during spring break. The results revealed that 20 percent are earning a C grade, 8 percent are earning a D grade and 4 percent are failing. The survey also showed that only a fraction of enterprises surveyed, 25 percent, are taking access management seriously and receiving an A, while 41 percent are receiving a B (other: 2 percent).

"These findings are troublesome. Unfortunately, internal security is more focused on controlling access to applications and not on broader controls for specific groups such as VPN remote users," said Paul Smith, PacketMotion president and CEO. "Only a quarter of the respondents have made adequate investments in their security and compliance programs. The majority of organizations still have considerable ground to cover in managing remote user access to reduce risk. If organizations don't address this threat, they will fall prey to insiders and outsiders who are preparing to take advantage of periods when remote and mobile access spikes."

Even more concerning, the survey revealed that when asked which user group presented the highest risk to their enterprises, 41 percent of security practitioners identified IT administrators — ironically, these are the users who should be the most trusted. Not surprising, remote and mobile users ranked second at 24 percent as the highest risk group of users that access the network, and contractors ranked third at 17 percent.

"When the group entrusted with the highest level of access is considered to be the greatest risk to security and compliance, the only way to mitigate risk is to invest in solutions that better detect, analyze and report suspicious behavior regardless of whether the employee is an administrator or an end user," said Smith. "Bottom line: We must have controls in place that prevent a fox from guarding the henhouse."

Additional compliance trends revealed by the survey include:

  • Global compliance: Enterprises in the financial services industry must be prepared to handle a rising tide of regulations if they hope to compete in the global market. Approximately 41 percent of the respondents stated that the financial services industry will be affected the most by global regulations. The government ranked second at 24 percent, and the pharmaceutical industry ranked third at 14 percent.

  • Compliance adherence: Enterprises continue to be concerned about their ability to meet and maintain compliance regulations. Only 26 percent of respondents stated that their enterprise is fully compliant on any given day. An additional 36 percent stated they are 80 percent compliant on any given day, and 35 percent stated they are typically 40 percent or less compliant.

    A two-minute video filmed at RSA Conference 2010 featuring some of the world's leading enterprise security professionals speaking about security and compliance is available at www.youtube.com/packetmotion.

    Comment  | 
    Print  | 
    More Insights
  • Comments
    Newest First  |  Oldest First  |  Threaded View
    US Capitol Attack a Wake-up Call for the Integration of Physical & IT Security
    Seth Rosenblatt, Contributing Writer,  1/11/2021
    More SolarWinds Attack Details Emerge
    Kelly Jackson Higgins, Executive Editor at Dark Reading,  1/12/2021
    Vulnerability Management Has a Data Problem
    Tal Morgenstern, Co-Founder & Chief Product Officer, Vulcan Cyber,  1/14/2021
    Register for Dark Reading Newsletters
    White Papers
    Video
    Cartoon
    Current Issue
    2020: The Year in Security
    Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
    Flash Poll
    Assessing Cybersecurity Risk in Today's Enterprises
    Assessing Cybersecurity Risk in Today's Enterprises
    COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    CVE-2020-7343
    PUBLISHED: 2021-01-18
    Missing Authorization vulnerability in McAfee Agent (MA) for Windows prior to 5.7.1 allows local users to block McAfee product updates by manipulating a directory used by MA for temporary files. The product would continue to function with out-of-date detection files.
    CVE-2020-28476
    PUBLISHED: 2021-01-18
    All versions of package tornado are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configura...
    CVE-2020-28473
    PUBLISHED: 2021-01-18
    The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with defa...
    CVE-2021-25173
    PUBLISHED: 2021-01-18
    An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory allocation with excessive size vulnerability exists when reading malformed DGN files, which allows attackers to cause a crash, potentially enabling denial of service (crash, exit, or restart).
    CVE-2021-25174
    PUBLISHED: 2021-01-18
    An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory corruption vulnerability exists when reading malformed DGN files. It can allow attackers to cause a crash, potentially enabling denial of service (Crash, Exit, or Restart).