Executives, IT officers most concerned about malicious insiders
Posted on 09 September 2013.
Bookmark and Share
An international survey polling 260 respondents from a wide variety of industry sectors has revealed that over half of them are more worried about their own employees turning rogue than about external cyber-threats.


Conducted by IT Governance, the survey's goal was to shine new light on how company directors and board members currently perceive IT security issues. Most of the respondents are from the UK, are IT professionals, and work for tech and financial firms, telecoms, and the government / local authorities.

A quarter of the total have said that their organization has received a concerted cyber-attack in the past 12 months. However, the true total may be higher, as over 20% are unsure if their organization has been subject to an attack.

Despite all that, over 40 percent of them say that their company is either making the wrong level of investment in information security or are unsure if their investment is appropriate.

And it doesn't help that reports on the status of the organization’s IT security are often delivered only once a year or in even bigger intervals - or that in only 30 percent of the cases board-level job candidates are aware and understand current IT security threats.

The good news is that customers are beginning to take the company's security credentials into consideration when choosing their suppliers. 74% of respondents say their customers prefer dealing with suppliers with such credentials, while 50% say their company has been asked about its information security measures by customers in the past 12 months.

Despite all this, compliance with the ISO/IEC 27001 security standard is not high (around 35 percent) with the companies whose employees / managers have been polled.

The UK-based consultancy has also offered a few tips on how to help your company turn negatives into positives, reduce risk and improve compliance and knowledge.





Spotlight

Attackers use reflection techniques for larger DDoS attacks

Posted on 17 April 2014.  |  Instead of using a network of zombie computers, newer DDoS toolkits abuse Internet protocols that are available on open or vulnerable servers and devices. This approach can lead to the Internet becoming a ready-to-use botnet for malicious actors.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Apr 18th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //