One of the most frustrating things about following the world of online security -- especially those who are not totally enmeshed in it on a day-to-day basis -- is the variety of threats. What really are the biggest threats? What truly scares security personnel? An RSA Conference survey provides a good overview of what is truly scary to security personnel, what seems scary but is somewhat toothless and what lies in between.
There is a ton more information than what can be conveyed here. Some highlights:
- The three most anticipated security threats during the next year are data leakage, e-mail-borne malware/phishing and Web-borne malware.
- The top three challenges during the next year are lost or stolen devices, employee error and employee education.
- Forty-six percent of companies experienced no incidents during the past year, 19 percent one or two and 14 percent three to five.
- The top three problems in the past year were e-mail malware/phishing, Web malware and data leakage.
- Eighty-six percent of respondents were unaffected by the Storm botnet.
Smart vendors are looking closely at the future, of course, and placing their bets. McAfee, for instance, has decided to buy Reconnex, a data-loss-prevention company. That fits nicely with the first bullet point above. The commentary in this coverage of the $46 million deal is that the future of security is in dynamic flow of information -- as opposed to the protection of data at rest.
The commentary also touches, a bit obliquely, on the rather unexpected result that education was a top-three priority. The writer says employees must use technology properly for it to be effective.https://o1.qnsr.com/log/p.gif?;n=203;c=204663295;s=11915;x=7936;f=201904081034270;u=j;z=TIMESTAMP;a=20410779;e=i
Hopefully, the news on the impotence of the Storm botnet holds going forward. Last week, the FBI and the Internet Crime Complaint Center issued a press release highlighting a run of spam distributed by Storm-based malware. The message line in the spam contains the phrase "F.B.I. vs. facebook" and contains a link to a malicious site. While the release doesn't contain too much information, it is a noteworthy signal that Storm isn't dead.
Though studies such as the one run by RSA Conference can help structure an approach to security, it can only go so far toward sorting things out. The bottom line is that there are a lot of things -- many of them not good -- going on. ID Analytics has released a study entitled "Analytics of Internal Data Theft" that looked at eight data breaches and characterized the harm caused by the unintentional and intentional mishandling of data. For instance, the report says that identities tied to internal incidents were 24 times more likely to be misused than uncompromised identities. It is interesting that most of the data theft occurred within 20 miles of the theft. Of 1,300 reported incidents, 69 percent were in the wireless realm.