What do security personnel consider to be the biggest threat to the corporate world?
- 37% say Data loss through internal threats, negligence or accidental loss.
- Other top threats include evolved forms of worms, viruses ; malicious attacks ; bots
According to a straw poll of IT security managers conducted by CDW, here’s what is on the minds of security personnel:
Of the 200 IT security professionals surveyed, there is a little bit of optimism that executive management understands the business risks:
- 17 percent of participants say that nothing at all would convince their companies to invest in higher levels of threat prevention
- 18 percent say that only a significant breach of their systems would compel an escalation in security investment.
- 39 percent of respondents believe that a specific assessment pointing out vulnerabilities in their IT security systems would lead to an increased investment in network protection.
What do security personnel consider to be the biggest threat to the corporate world?
- Data loss through internal threats, negligence or accidental loss, said 37 percent of respondents.
- Other top threats include: evolved forms of current threats, such as worms and viruses ; malicious attacks ; bots
“It is troubling to see so many organizations still struggling with preventable threats such as viruses and worms, when the stakes are so much higher from the risks that newer threats pose. It’s critical for businesses to secure themselves with the effective, readily available shields against ordinary threats, to free up time and resources for more proactive action against data loss and the rising threats of botnets and malicious, targeted attacks”
Doug Eckrote, Senior vice president of strategic solutions and services at CDW
Dear Facebook,
I appreciate your service. I really do. I’m sure that many of your 400 million active users appreciate it as well. But now that you have a market value estimated at billions of dollars, it is time for you to start acting like a grown-up company.
That means you have to provide basic security for your customers. And it means responding when your customers try to contact you, as I did recently to talk about an important security issue. Do you think you will be able to hold on to 400 million users if you treat them that way, and if you put their computers at risk? I don’t.
“you are leaving your users open to a major security risk.… I know malware when I see it, and I don’t allow scripts to run on my computer”
Read the rest of this open letter on IT Business.ca from Ira Winkler – the president of the Internet Security Advisors Group.
Websense just launched the indurstry’s first real-time security app for Facebook !
It provides Facebook page owners real-time content and security analysis of comments, wall posts, third party applications, links and other content posted to their Facebook page. According to Dan Hubbard, CTO, Websense…
“Other Web security technologies that try to address uncategorized Web 2.0 content using only virus signatures, URL reputation or categorization are fundamentally flawed and limited,”
Whereas other security offerings are designed to clean a user’s computer after it has been infected, Websense worked with Facebook to create the first and only security application that helps protect Facebook users from encountering malicious links, inappropriate content, viruses or spam, and is the first application to do so for both corporate and individual Facebook page owners.
The Websense security application for Facebook is immediately available in limited beta. To download it for free, or to learn more about the Defensio 2.0 platform for Web 2.0 sites, visit Defensio. To view a video introduction to Defensio 2.0 and its new features, see the video on youtube.
The Federal Privacy Commissioner’s annual report for 2008 was released to parliament today. It is clear that the focus is on the need to protect personal information online. The commissioner is cautioning the public to take greater responsibility for securing their privacy and thinking twice about what they post on the Internet. The need to be ‘Connected’ vs ‘privacy and security’… the ultimate balacing act.
“Many young people are choosing to open their lives in ways their parents would have thought impossible and their grandparents unthinkable. Their lives play out on a public stage of their own design as they strive for visibility, connectedness and knowledge,” says Jennifer Stoddart, the Privacy Commissioner of Canada.
Read the full report.
Small businesses often assume that they are too tiny to catch hackers’ attention. But the truth is that hackers don’t care who you are. Most of the time, they use automated programs to exploit a flaw in some piece of common software used by millions and attack them en masse.
Read the rest of this article in the Wall Street Journal by Riva Richmond. Some good advice on how to protect your business.
Think about it… ever curious about those great watches at really cheap prices ? Or that TV converter that gets you a million channels for free ? Ok, if not you, I am sure you know of someone who has…
Infact, a study released by the Messaging Anti-Abuse Working Group (MAAWG) confirms that 1 out of every 3 consumers admitted to responding to a message they suspected might be spam.
About two-thirds of the consumers surveyed considered themselves “very” or “somewhat” knowledgeable in Internet security. While most consumers use anti-virus software and over half said they never click on suspected spam, the survey also found that 21 percent take no action to prevent abusive messages from entering their inbox. A majority of consumers, 63 percent, would allow their network operator or anti-virus vendor to remotely access their computer to remove detected bots.
“Spamming has morphed from an isolated hacker playing with some code into a well-developed underground economy that feeds off reputable users’ machines to avoid detection. Consumers shouldn’t be afraid to use email, but they need to be computer smart and learn how to avoid these problems,” said MAAWG Chair Michael O’Reirdan.
Ideally, you want to ensure that you have security software that helps protect you from the inbound security risks, as well as protect your computer from any outbound risks such as a bot that is trying to ‘call home’ and transmit personal information it has garnered from your machine.
Facebook just released as statement with respect to the findings of the office of the Privacy Commisioner. Glad to see that the message of a coordinated effort being the key to true security in the Web 2.0 space is being re-iterated.
The Commissioner also recognised, as we (Facebook)do, that privacy and user control on the social web is a new area, which requires websites, users and data protection authorities to work together.
Here is the article in the Ottawa Citizen about the original findings of the Privacy Commissioners with respect to ‘serious privacy gaps in Facebook’ and her ‘ultimatum’.
As I speak to my friends and colleagues, it seems that there is still a large percentage of my social circle that have not fully embraced internet or online banking . This continues to surprise me, but in reading the recent article on CNET News, it would seem that my personal Canadian micro-study reflects the results of a larger (more scientific) study done by the Gartner Group in the US and UK.
They found that among the 4000 or so adults surveyed in the U.S., 47 percent said they now bank online. In the U.K, 30 percent echoed the same response.
41 percent of U.S. consumers and 38 percent in the U.K. blamed security as the most important reason for not banking over the Internet.
“The proposed legislation strikes an appropriate balance between the investigative powers used to protect public safety and the necessity to safeguard privacy and the rights and freedoms of Canadians.”
Another excerpt from the press release…
…”technologies have also provided new ways of committing crimes such as distributing child pornography. We must ensure investigators have the necessary powers to trace and ultimately stop crimes.”
Here are some thoughts from the Canadian Privacy Law Blog and the Gartner Blog on this legislation.
Your thoughts ?? Does it change things for you ? How does this affect your security policies ? Does it ?
It’s taken some time, but I’ve finally taken the first step and got my blog up and running.
It’s my hope that this site flourishes into a site where people can glean from and contribute to a dialog on IT Security from a Canadian perspective.
I will be posting news articles, resources and of course my own thoughts on everything ranging from technology, business processes, legislation and all things in between.
Please feel free to ask questions and comment.
And thanks for visiting.
