February 01, 2008
What is Security's Weakest Link?
We've all heard the cliche -- a chain is only as strong as the weakest link -- and in terms of security, where the rubber hits the road, I mean seeing the forest for the trees (now that we're in cliche land), it really is no surprise that Search Midmarket CIO News reports that a survey sponsored by GFI Software Ltd. proves that you're still only as secure as your most slipshod laptop-leaving password-written-on-the-palm-of-their-hand never-met-a-piece-of-malware-they-didn't-try-to-download employee.
Your company could have the Fort Knox of IT security, but all it takes is one simpleton in Sales or an idjit in IT (to say nothing of the folks who actively set out to sabotage) to make the security budget look utterly irrelevant and data-disembowel an enterprise.
GFI asked 455 IT leaders of SMEs what would improve their security, and only 12% responded, 'A bigger budget.' 48% said better security awareness amongst employees, and another 25% said better security awareness amongst senior management.
Even more telling, 42% said they do not think their networks are secure. Much of the growing insecurity stems from the proliferation of Web 2.0 technologies that have employees updating profiles on lunch breaks, thereby bringing them ever closer to that one devastating malicious link.
What usually needs an upgrade, then, is the level of communication between IT and end users. New employees need to go through a comprehensive course in what they can and can't do on the network (but what do you do about the executives already there?).
But that still leaves the proverbial sucker born every minute. And like they say in poker, if you can't spot the sucker sitting at the table, then the sucker is you. In security, you really do want to spot the sucker and educate that sucker (and first and foremost, make sure that sucker isn't you).
Posted by pschooff

Twenty-Four Seven Security