cioinsight.com
Home > RSS Feeds > Security
  • Spammers routinely impersonate users to disseminate malware or misinformation. Without checking every time, it's easy to fall prey to phishing or Web scams.

  • The IT security landscape in 2015 is setting up to be a study in contrasts: Confidence is high among security professionals, even though they expect to be victimized by more attacks, and, as a result, they are planning to significantly beef up their defenses during the coming year. Such is the takeaway from a recent survey of 250 IT security professionals conducted by security vendor ThreatTrack Security. The confidence expressed by the respondents seems to contradict a market that was shaken by a series of headline-grabbing data breaches during 2014. Julian Waits, CEO of ThreatTrack, believes that the findings hint at a welcome combination of confidence and practicality. "The overwhelming optimism that the survey respondents showed seems to indicate a growing confidence in newly available predictive security analytics tools that may help them to more quickly identify attack campaigns in progress," Waits said. "At the same time, they indicated that they are aware of the increased risk of attacks that they will almost certainly face in 2015, which goes to show that they aren't operating with their heads in the sand." One additional consideration the survey unearthed: Companies that employ a chief information security officer (CISO) appear to possess more awareness of the potential for attacks and a slightly higher level of confidence.

  • Over the last few years, mobility has radically redefined enterprise IT. It has introduced new requirements, new demands, and the need for entirely new technology platforms and connection points. A recent report from Check Point Software Technologies and Dimensional Research, "The Impact of Mobile Devices on Information Security: a Survey of IT and Security Professionals," states that bring-your-own-device (BYOD) initiatives and other mobile tools and approaches are ratcheting up risks, as well as costs. Among other things, the global survey of 706 IT and security professionals found that about 95 percent of their organizations have mobile devices accessing their networks, but IT and security strategies are significantly lagging. What's more, many of the problems that organizations face concerning mobile security are the direct result of lax governance and careless employees. Consequently, breaches and other incidents are on the rise, and the potential exposure and impact of these events continues to grow. Here's a list of some of the key findings from the mobile security survey.

  • Over the last few years, news about data breaches and breakdowns has reached pandemic levels. In many instances, the culprit is the ubiquitous password, which is increasingly ineffective in protecting digital identities and securing digital devices. A new study conducted by identity and credential management firm Intercede U.S. offers insights into the problem—and the way consumers, employees and others think about and approach digital identities. Part of the problem, according to the report, "The Rise of the Identity Centric Economy," is that workers are put off by logging into secure business apps due to the perceived weakness of their network security, and many are frustrated by long, complicated passwords. What's more, "Many employees are oblivious to their employer's BYOD policy, unnecessarily putting sensitive corporate data at risk," points out Richard Parris, CEO of Intercede. "Fears about long, complex passwords and insecure network connections are hampering the growth of BYOD. The best approach is to turn mobile devices into secure authentication devices, which act as the first line of defense to protect corporate data. Companies must act quickly and robustly to employ effective BYOD policies while protecting their own data, or risk major security incidents." The following slides provide some highlights from the study.

  • With the number of exploitable browser vulnerabilities growing, many IT decision-makers surveyed said this made security more difficult than any other issue.