I found the article "Corporates focus on basics for IT security defences" by John Leyden to be interesting. He reports on a survey presented by Gartner at their recent IT Security Summit. Gartner's survey found that IT staff ranked threats as follows:
1. Viruses and Worms
2. Outside Hacking or Cracking
3. Identity Theft and Phishing
4. Spyware
5. Denial of Service
6. Spam
7. Wireless and Mobile Device Viruses
8. Insider Threats
9. Zero Day Threats
10. Social Engineering
11. Cyber-Terrorism
I am disappointed to see social engineering ranked so low. I am glad cyber-terrorism is dead last. I am surprised to see outside hacking ranked so high, even though I agree it should be a top three priority.
Here is the list I would create (if I had to call these "threats"; many of these are not "threats"). I rank these "problems" or issues using a mixture of likelihood and damage inflicted. I do not agree with all the categories presented, but here is my best assessment.
1. Viruses and Worms
2. Outside Hacking or Cracking
3. Spyware
4. Denial of Service
5. Insider Threats
6. Identity Theft and Phishing
7. Social Engineering
8. Zero Day Threats
9. Spam
10. Wireless and Mobile Device Viruses
11. Cyber-Terrorism
Also according to John, "More than half the respondents said they preferred buying 'best-of-breed' products from multiple technology providers while a third of those quizzed preferred integrated security suites, a preference catered for by a growing list of firms selling integrated security appliances."
By the way, I contacted Gartner about covering the summit for this blog and they completely ignored me. Thanks guys! So much for "new media" and the "blogosphere."