informa
2 min read
article

Secure Computing Tells Where Your Biggest Insecurity Is: Inside Your Company, That's Where!

What are IT security professionals most scared of? Their companies' own employees, that's what.
What are IT security professionals most scared of? Their companies' own employees, that's what.According to a Secure Computing new survey of IT directors, the biggest problem they face lies inside their own organizations. Survey took place at a European conference, but I'd wager the concern levels are about the same here -- be nice if Secure Computing would do a comparison survey.

Of the 103 IT pros surveyed, more than 80 percent said that deliberate internal data theft and inadvertent employee-caused data leaks were their largest worries.

Hackers placed low on the list of big headaches -- less than 20 percent -- while e-mail is the IT department prime technology of concern.

That last will be worth watching -- the survey respondents listed a variety of Web 2.0 security worries (viruses, spam, data leaks.) If 2.0 concerns move to the top of the list, look for browsers to move past e-mail in the top app-worry spot.

As far as insider threats, my guess is that one will remain at the top of top threat-concerns, particularly as employees -- not just IT employees -- become more confident (whether it's justified or not) that they "know" what they're doing with keyboard and mouse, creating a perfect storm potential for inadvertent data leaks.

On the deliberate side, as employees become equipped with better and more powerful personal technology that can be used to grab data, look for endpoint vulnerabilities to become the increasigly dominant worry-spot.

Fortunately, most small and midsize business are able to a) have a better sense of all of their employees' nature, skills and potential (good and bad) and can also b) more easily put into place the policies and practices that limit the risks of employee data-leak mistakes and train sharp eyes (digital and otherwise) on potential employee data-crimes.

For bMighty's take on handling insider threats look here.