February 10, 2008   Sign In |  About ebizQ |  Contact Us |  Join ebizQ Gold Club
Peter Schooff
Peter Twenty-Four Seven Security
 Peter Schooff's blog is a daily look at what's going on in the world of computer security with an emphasis on how it affects businesses.

« Podcast with Fortify Software: The Many Dangers of Unsecured Web Applications | Main | TD Ameritrade Breach Gets Worse »

September 17, 2007
Insiders Now The Biggest Security Threat

According to the Computer Security Institute (CSI), company insiders have now overtaken viruses as the greatest threat to corporate computer security.

For the 2007 Computer Crime and Security Survey reported by Infoworld, the CSI questioned 494 security folks from different US companies and government organizations, finding that an insider incident had occurred with 59 percent of the respondents, with only 52 percent saying they had caught a computer virus in the past year.

The good news is that both insider incidents and viruses have been falling since the year 2000, when the two reached their zenith, but this is the very first time that insider incidents have eclipsed viruses. The CSI does define insider incidents in a very general way, including leaking or stealing company information, but also such things as using pirated software, or accessing pornography.

The other type of threat that the CSI is seeing an explosion of is "laptop and mobile device" theft, which many think will also soon overtake viruses as the second most realized security threat. The survey also recorded a growing incidence of targeted attacks, where 28 percent of the companies felt like they have been carefully chosen for a specific attack.

Internet-based attacks were also found to be more integrated, thereby blurring the lines between consumer and corporate security, which used to be seen as separate concerns.

"In the past, the struggle has been cast as one between security professionals and the criminals who attack their networks. Now, the picture is more complicated. Criminals attack both enterprise networks and steal customer data. They use this data to then attack individual consumers," the report concludes.

With the frightening rise of insider attacks, perhaps the corporate motto of the 21st Century is going to be, "Keep your employees happy."

Posted by pschooff in |Digg This|Add to del.icio.us

Trackback Pings

TrackBack URL for this entry:
http://www.ebizq.net/mt/mt-tb.cgi/2316

Comments Post a comment




Remember Me?

(you may use HTML tags for style)

We ask that you type your code (displayed below) in the text box.This code is an image that cannot be read by a machine. It prevents automated programs from submitting comments.


Code:



Most Recent ebizQ Blog Entries
ADVERTISEMENT
Subscribe
News Feed
Recent Posts
Categories
Archives
Blog Roll
Blogosphere
This Work
Accountability:The opinions expressed in this blog are solely representative of the blog's author, and not of ebizQ
Subscribe to our Newsletters
ebizQ Weekly Gold Club Update
Live Webinar Updates
Updates from ebizQ Partners
ebizQ SOA Update
ebizQ BPM Update
ebizQ Security Update
ebizQ BI Update
ebizQ Open Source Software Update
Virtual Show Newsletter
Your E-mail Address:
BAM: The Killer App for CEP
Date: Feb 12, 2008
Time: 12:00 PM ET
(17:00 GMT)
I WANT TO ATTEND
Event Processing Market Pulse
Date: Feb 14, 2008
Time: 12:00 PM ET
(17:00 GMT)
I WANT TO ATTEND
Archived Webinars | Upcoming Webinars

Marketing Solutions | Feedback | About ebizQ | Unsubscribe | Privacy Policy | Site Map