<img alt="dcsimg" id="dcsimg" width="1" height="1" src="//www.qsstats.com/dcs8krshw00000cpvecvkz0uc_4g4q/njs.gif?dcsuri=/index.php/c/a/Security/Closing-the-Security-Gap/5&amp;WT.js=No&amp;WT.tv=10.4.1&amp;dcssip=www.baselinemag.com&amp;WT.qs_dlk=XWBqwamGb2XBbm2iyzTZ0wAAABI&amp;">

5 Big Threats

By Ericka Chickowski  |  Posted 2008-06-02 Print this article Print

The security risks IT managers worry about the most aren’t the same ones they spend their company’s money on. What’s going on? Baseline set out to get some answers.

5 Big Threats

Traditional anti-virus software and firewalls miss these five current threats.

1 Trusted Users and Partners
These individuals have access to your most sensitive data. Without additional monitoring and policy enforcement technology in place, organizations are left flapping in the wind.

2 Web Application Vulnerabilities
Gartner estimates that 75 percent of today’s attacks are carried out through the application layer. Many of these application attacks are conducted through quickly coded Web applications, with little or no security baked in. Yet these Web apps are often connected to some of the most sensitive databases businesses own.

3 Missing Devices
Whether lost or stolen, unencrypted laptops and other mobile devices have the potential to expose your organization to high-profile data breaches if they contain sensitive information.

4 Custom Malware
Most security experts agree that signature-based anti-virus systems are overwhelmed by the proliferation of malware designed to fly under the radar of established signatures to attack systems and steal data. Signature-based protection cannot protect against custom malware that has never been detected before.

5 Social Engineering
When users provide log-in information to a “tech support” guy who doesn’t exist, or they unknowingly respond to spear-phishing attempts to steal their credentials, the bad guys gain unfettered access to your systems. These tricky attacks that prey on user ignorance must be headed off through education, policy creation and enforcement measures.

eWeek eWeek

Have the latest technology news and resources emailed to you everyday.