Secure
Computing today announced the results of an IT Director survey that uncovers a
rising concern of insider threats and widespread acknowledgement of being
unprepared for emerging Web-based attacks.
When asked whether they believed insider or outsider threats posed a bigger
problem to their organization, more than 80 percent of the 103 Directors
surveyed prioritise insider threats (defined as either unintentional data
leakage or deliberate data theft). Less than one in five respondents (17
percent) feel the external threats posed by hackers are more dangerous.
This could be in part due to the fact that 37 percent of respondents have
experienced leakage of sensitive information in the past year. In line with
this, internal security is at the top of IT Directors' shopping lists when
respondents were asked to rank potential future investments that included
perimeter security, staff mobility and network performance.
Email is identified as the biggest current security risk to respondents'
organizations (34 percent). Interestingly Voice over IP comes second (25
percent) and is deemed a bigger threat than Web surfing (browser-related
threats), which only 21 percent of IT Directors feel is the biggest threat.
Despite this apparent confidence, however, four in five respondents (79 percent)
feel they could be better prepared for Web-borne threats.
Established
external threats continue to be the biggest concern in a developing Web 2.0
environment. Viruses top the list of offenders, with 31 percent of IT Directors
feeling it is the biggest threat, while spam comes in second (18 percent) and
data leaks a close third (14 percent).
Kieran
Lees, Regional Sales Director for the UK, Ireland, South Africa and Israel at
Secure Computing, said, "It's fascinating to see how perceptions of the threat
landscape among senior IT decision makers is evolving, with the insider threat
and data leakage rivaling traditional external threats among IT Directors'
primary concerns. It's also very encouraging to see that security is starting to
be seen as a genuine business enabler rather than just a necessary evil."
When asked to rank their biggest external security concerns, hackers are surprisingly the
area of least concern, with less than a quarter (22 percent) of respondents
feeling they are the biggest threat. Malware appears to be the major headache,
with 56 percent identifying it as their biggest worry.
The biggest
budgets will be spent on strengthening internal security, with 35 percent of IT
Directors identifying it as their priority planned investment. Surprisingly,
considering the forecasted downturn in the economy, "IT asset management for
cost savings" is the lowest priority.
IT Security
is starting to be seen as a genuine business enabler - only one in 10
respondents (11 percent) feel their board perceives it as a "necessary evil"
whilst the remainder feel it is at least as important as any other IT project.
Over
two-thirds (68 percent) of respondents believe data breach disclosure should be
compulsory in the UK, as it is in the United States.
