Security: New Study IDs Top Threats

By Allan Alter Print this article Print

Ineffective policies and careless employees leave plenty of openings for data thieves and cybercriminals. Yet most CIOs claim security is under control.

It seems no matter how many companies make the news because of IT security problems—recent victims and foul-ups include AOL LLC, AT&T Inc., Sovereign Bancorp Inc., the TJX Companies, UCLA and Verizon Wireless—the perceived state of security resembles Garrison Keillor's mythical Lake Wobegon, the town "where all the women are strong, all the men are good-looking, and all the children are above average." According to this year's security survey, most IT executives still say their corporate security is strong, risk of a breach is moderate or low, and confidence in their ability to fend off attacks is rising. About 85 percent of our 187 respondents feel certain they can keep their company's money safe from thieves' clutches.

But these assurances seem increasingly naïve as time goes on. Too many organizations still fall prey to database theft. Social networking sites provide new opportunities for downloading tainted files and social engineering gambits. Careless behavior by employees combined with spotty security policies provide plenty of openings for scam artists. New forms of online fraud frequently appear on the scene. A widely reported study by MarkMonitor, an Internet security firm specializing in brand protection, found a rise in "cybersquatting" (using trademarks on illegitimate sites), "clickfraud" (bogus clicks on ads) and "domain kiting" (illicit Web sites with similar names to well-established sites), along with phishing and other scams. The better gauge of how CIOs truly feel about security is spending: IT security budgets are growing, and companies are plunking down cash for a broader range of technologies and services.

In this story:
Special Report: I.T. Security Findings
May 2007 Research Slideshow: I.T. Security
Methodology: How the Survey was Done

This article was originally published on 2007-05-17
Executive Editor

Allan Alter has been a specialist on information technology management, strategy and leadership for many years. Most recently, he was editor-in-chief and the director of new content development for the MIT Sloan Management Review. He has been a columnist and department editor at Computerworld, where he won three awards from the American Society of Business Press Editors. Previously he was a special projects editor, senior editor and senior writer for CIO magazine. Earlier, Alter was an associate editor for Mass High Tech. He has edited two books: The Squandered Computer: Evaluating the Business Alignment of Business Technologies and Redesigning the Firm.

eWeek eWeek

Have the latest technology news and resources emailed to you everyday.