What are IT security professionals most scared of? Their companies' own employees, that's what.
What are IT security professionals most scared of? Their companies' own employees, that's what.According to a Secure Computing new survey of IT directors, the biggest problem they face lies inside their own organizations. Survey took place at a European conference, but I'd wager the concern levels are about the same here -- be nice if Secure Computing would do a comparison survey.
Of the 103 IT pros surveyed, more than 80 percent said that deliberate internal data theft and inadvertent employee-caused data leaks were their largest worries.
Hackers placed low on the list of big headaches -- less than 20 percent -- while e-mail is the IT department prime technology of concern.
That last will be worth watching -- the survey respondents listed a variety of Web 2.0 security worries (viruses, spam, data leaks.) If 2.0 concerns move to the top of the list, look for browsers to move past e-mail in the top app-worry spot.
As far as insider threats, my guess is that one will remain at the top of top threat-concerns, particularly as employees -- not just IT employees -- become more confident (whether it's justified or not) that they "know" what they're doing with keyboard and mouse, creating a perfect storm potential for inadvertent data leaks.
On the deliberate side, as employees become equipped with better and more powerful personal technology that can be used to grab data, look for endpoint vulnerabilities to become the increasigly dominant worry-spot.
Fortunately, most small and midsize business are able to a) have a better sense of all of their employees' nature, skills and potential (good and bad) and can also b) more easily put into place the policies and practices that limit the risks of employee data-leak mistakes and train sharp eyes (digital and otherwise) on potential employee data-crimes.
About the Author(s)
You May Also Like
Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024