Security - Baseline

Security Slideshow:
Top 10 2009 Security Threats and Vulnerabilities


Popular technologies like virtualization, databases and mobility could be as risky as they are useful to enterprise users in 2009.


  • We started hearing rumblings about virtualization’s security risks as far back as 2007. As companies continue to implement virtualization to save money in 2009, securing virtualized systems will grow in importance.
  • A publicized outbreak of the SillyFDC USB worm at the US Army and the Army’s subsequent banning of USB devices in November called attention to the ever-growing risk posed by unmanaged USB devices.
  • Even organizations with perfect security can suffer an exposure through a sloppy business partner. A recent study by the Ponemon Institute found that 50 percent of IT pros are fearful of the "imminent and critical risk" posed by outsourcing.
  • Attackers view insecure legacy databases as open treasure chests full of salable information. The economy isn’t helping either – a recent analyst report noted budgetary concerns as the biggest roadblock to database security.
  • As banking and retail applications proliferate in the mobile world, crooks will look to profit. Researchers with the Georgia Tech Information Security Center predict that mobile threats will peak in 2009.
  • Researchers Jeremiah Grossman and Robert Hansen made waves last year with their demonstration of ‘clickjacking’ through Adobe Flash. Expect to see similar vulnerabilities exposed in web-enabled rich media applications in 2009 as well.
  • Hackers will continue to go to town on insecurely built websites and applications in 2009, much as they have in past years. They’ll lean on botnet resources and other automated tools to carry out mass SQL injection attacks like Asprox in ’08.
  • Malcontents are using those SQL injection attacks and other methods to prey on the good name of upstanding organizations. According to researchers at Cisco, the number of threats originating from legitimate websites increased by 90 percent last year.
  • A recent survey conducted among Wall Street employees found that 58 percent would abscond with company data if they were fired. In today’s layoff climate, such risks must be addressed.
  • Even as the FTC starts to really crack down on companies that use sham security alert ads to sell phoney security software, this scareware problem will likely get worse before it gets better.