Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

Negligence rivals malware as greatest security threat

Lumension Security : 19 November, 2009  (Technical Article)
Study reveals that although businesses are locking down external malware threats more effectively, they're still leaving the door wide open to data loss through negligence and malicious actions by employees
According to a new study by the Ponemon Institute and commissioned by Lumension, negligent employees are beginning to rival computer virus infections as the biggest cause of data security incidents in UK businesses. While 84 per cent of organisations suffered from computer viruses and malware network intrusions in the last 12 months, the Worldwide State of the Endpoint Survey 2010 reports that more than six out of ten now lose sensitive data as a result of negligent employees and nearly three in ten have experienced malicious theft of sensitive data by employees. This is exasperated by the loss and theft of company desktops, laptops or other devices, reported by 55 per cent of organisations.

The prolific nature of data leakages is unsurprising given that 76 per cent of employees can email data out of their organisation without any trace and 70 per cent can download data onto a USB stick without detection. When it comes to protecting against virus and malware intrusions, over three quarters of organisations have reactive anti-malware and anti-virus technologies in place.

When questioned over the main challenges to protecting data against the emergence of new security threats and data leakage, the two critical issues identified were the lack of skilled personnel (49 per cent) and the inability to integrate multiple security technologies together (42 per cent). This is unsurprising given that 70 per cent of organisations are managing three or more security management consoles.

Alan Bentley, SVP of International for Lumension, comments: "Businesses need to manage multiple security technologies to prevent sensitive data from walking out the door and malware from coming in. This dual threat is proving difficult for most organisations, which are struggling with a lack of skills, budgetary constraints and the growing complexity of endpoint technologies that they need to run in order to reduce their risk at the endpoint. For organisations to get a clear view on where their data lives and is accessed and what threats they are being subjected to, they must bring the different security technologies together onto one endpoint management platform. Organizations need to integrate technologies with people, process, and policies to truly reduce complexity and costs while proactively defending against the latest data and malware threats."

"The State of the Endpoint provides still more evidence that companies are racing to adopt new technologies faster than they can understand their impacts on data security and develop effective use and integration policies," said Larry Ponemon, chairman and founder, Ponemon Institute. "As a result, networks are growing more and more complex, making the task of securing sensitive data more and more difficult."

"Endpoint security has always been a challenge, but the State of the Endpoint has identified the factors IT professions say are responsible for their biggest headaches. Not surprisingly, a lack of CEO support and insufficient resources are among the top culprits," continued Ponemon.

The State of the Endpoint study was conducted to better understand how emerging technologies such as Web 2.0, mobile computing, and employee-owned devices and technologies are affecting business environments and how organisations are managing IT risks across IT operations and security. The study also looked at significant perception gaps exist between IT security and IT operations professionals related to the complexity of security technologies, misalignment of IT and business objectives, technology integration, and employee skill and knowledge.

The study surveyed the opinions more than 3,000 IT operations and security professionals in Australia, Germany, UK and US. In the UK Ponemon interviewed 353 IT security practitioners and 401 IT operations.

Despite the wide adoption of new operational technologies - 76 per cent enable Web 2.0 networks to be accessed, 61 per cent have moved their data into the cloud and 57 per cent are utilising Virtualisation technologies - nearly three out of five organisations believe that their IT network is more secure than it was a year ago. Sixty per cent are attributing this to the deployment of new technologies and 35 per cent improving their security polices. However, 70 per cent have not deployed or don't intend to deploy these policies company-wide.
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo