The risks of having a false sense of security
Posted on 22 November 2013.
Organizations are overwhelmingly confident in their readiness to combat security threats, but may not be prepared for dangers linked to new technology models and increasingly sophisticated threats, according to CompTIA.

The overwhelming majority of companies (82 percent) surveyed view their current level of security as completely or mostly satisfactory.


But just 13 percent of firms say they've made drastic changes to their security approach over the past two years. This at a time when organizations have embraced cloud computing; enabled employee BYOD practices; and expanded their use of social tools.

"The use of new technologies necessitates a change in security approach," said Seth Robinson, director, technology analysis, CompTIA. "It's clear why companies view security as a top priority; but what's less clear is whether they are fully aware of which actions to take to build an appropriate security posture for a new era of IT."

Levels of concern for a wide range of threats remains virtually unchanged from past years, too. Most companies still view hacking and malware as the preeminent threats. But a host of new dangers are quickly becoming more prevalent, including Advanced Persistent Threats, Denial of Service attacks, IPv6 attacks and mobile malware.

"To truly 'move the needle' on security readiness, the overall approach must be re-evaluated from the top level of the business down through all departments," Robinson continued.

Throughout the 11 years of the CompTIA study the human element has been a major factor in both security readiness and shortcomings. This year is no different. Human error accounts for the majority of root cause in security breaches; and 51 percent of companies say human error has become more of a factor over the past two years. This may be due in part to the introduction of cloud computing, mobility and social media into the enterprise.

Yet it's striking that few companies (21 percent) view human error as a serious concern.

"End users control powerful devices and business-class systems, often without the oversight of the IT team," said Robinson. "While they may be able to use these devices and systems, they typically do not have the background knowledge and experience with security that allows them to recognize potential threats."





Spotlight

How to keep your contactless payments secure

Posted on 19 September 2014.  |  Fraudsters can pickpocket a victimís financial data using low-cost electronics that can fit into a rucksack. Here are the top security threats you should be aware of if youíre using a RF-based card, along with our top safety tips to keep your payments secure.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Mon, Sep 22nd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //