A lot has been written this past month about security risks to watch out for in 2010.
However, the results of the 2010 CSO Cyber Watch Survey, a cooperative effort between the U.S. Secret Service, Deloitte, the Carnegie Mellon Software Engineering Institute (CERT) and CSO Magazine, and a white paper from Deloitte's New Center for Security & Privacy Solutions, "Cyber Crime: A Clear and Present Danger," find that the cybercrime-fueled underground economy continues to breed a sophisticated arsenal of damaging tools and devices (malware, botnets, anonymizers)-and companies cannot keep pace or remain focused elsewhere.
According to the white paper:
"Threats posed to organizations by cyber crimes have increased faster than potential victims-or cyber security professionals-can cope with them, placing targeted organizations at significant risk."
While the survey reports a decrease in cyber crime victims (60 percent vs. 66 percent in 2007), Deloitte believes the majority of cyber-crime attacks may be going undetected, as organizations focus their security efforts on preventing hackers.
"Many organizations may be leaving themselves vulnerable to cyber crime based on a false sense of security, perhaps even complacency, driven by non-agile security tools and processes. Many are failing to recognize cyber crimes in their IT environments and misallocating limited resources to lesser threats. For example, many organizations focus heavily on foiling hackers and blocking pornography while potential-and actual-cyber crimes may be going undetected and unaddressed. This has generated significant risk exposure, including exposure to financial losses, regulatory issues, data breach liabilities, damage to brand, and loss of client and public confidence."