- 12 myths about how the Internet works
- Smartphone smackdown: Storm vs. iPhone
- IETF: Should we ignore the Kaminsky bug?
- Top 10 wicked cool algorithms
- How to recession-proof yourself
The 1979 film "When a Stranger Calls" portrayed the terror-filled night of a young woman fielding prank and increasingly threatening calls that climaxed when the police determined "the calls are coming from inside the house." Today IT security executives experience a similar chill down their spine when they realize the biggest threat they face comes from internal security attacks and data breaches. (Compare Data Leak Prevention products.)
A recent survey conducted by The Strategic Counsel and commissioned by management and security software vendor CA showed that a majority of CIOs, CSOs, CTOs and other senior IT security executives consider security threats from within an organization a bigger threat to business than external attacks. The results revealed that 44% of respondents identified internal breaches as a key security challenge over the past 12 months, compared with 42% in 2006 and 15% in 2003. More than 34% of organizations reported a loss of confidential information as a result of security attacks and breaches, an increase from 22% in the same survey conducted in 2006.
External attacks are decreasing in numbers. According to the report, virus attacks decreased from 68% to 59% in the past 12 months, network attacks went down from 50% to 40% and denial-of-service attacks declined from 40% to 26%.
"The security breaches identified by IT security executives as most concerning are those coming from inside the company," says Lina Liberti, vice president of CA Security Management. "The external threats still exist, but IT security executives feel more confident that they can be quickly addressed, stopped or controlled to some degree. They identified internal security breaches and attacks as those with the biggest severity of consequences."
Internal breaches strike fear in the heart of IT security executives because of the company image blow and customer confidence issues that accompany an attack and that could expose confidential customer data and require public disclosure. Business costs associated with an internal breach include loss of productivity for 61% of survey respondents (up from 52% in 2006). Loss of trust and confidence on the part of the customer also increased to 35% in 2008 from 30% in 2006. And embarrassment on the part of the company suffering the breach grew to 33% this year from 28% in 2006.
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comments (4)
FortresswareBy Anonymous on September 12, 2008, 1:10 pmWe just installed it. Doesn't require extra IT bodies and it's easy to use.
Reply | Read entire comment
lancopeBy Anonymous on August 19, 2008, 2:37 amwe have it also but requires way too much time and effort .... we dont have 3 bodies to manage it
Reply | Read entire comment
StealthWatch - superior internal analysisBy Anonymous on July 21, 2008, 8:39 pmLancope StealthWatch provides the eyes and ears needed for secure internal communications.
Reply | Read entire comment
Mazu NetworksBy scott on July 20, 2008, 10:55 pmAnd - exactly the reason why I have been using Mazu Networks for a couple of years.
Reply | Read entire comment
View all comments