IT staff used to face a single enemy: the hacker. And with the right weapons, the hackers could be defeated. But in today’s world, IT managers have to be superheroes battling four titanic forces: technology, cultural change, evolving criminality, and human fallibility.
Malware—Do we have the right weapon?
Data breaches have been hitting the headlines all year. Research* from Websense indicates that 60 percent of respondents worry about advanced persistent threats. Yet less than half use systems that prevent confidential data from being uploaded to the web.
It used to take years for sophisticated malware to hit the common black market. Now it’s a matter of weeks. This makes it easy for less technically advanced criminals to join the fray. Antivirus (AV) and firewall solutions are often relied upon to do a massive job alone. While AV and firewalls are certainly necessary, they are not sufficient to stop modern malware and advanced data-stealing attacks.
Social media—The changing communications culture
It’s widely recognised that social media is valuable to business, but it’s rapid spread has caught organisations off guard. Research** from the Ponemon Institute reveals that more than half of organisations experienced an increase in malware attacks as a direct result of employee use of social media. Far fewer believed they had the necessary security controls in place to mitigate or reduce that risk.
Social media in the workplace provides a huge opportunity for the bad guys, however new security solutions are now available to tackle it head on. By bolstering traditional defences with real-time content security, it’s possible to analyse user-generated content on the fly, as it’s created.
The human element
Research* shows that employees and IT managers alike place protection against internet security threats as the third most important ‘employee right’, after a proper lunch and coffee breaks.
Just one employee in a hundred admits to posting confidential information on a social networking site. At the same time, 20 percent of IT managers say it has occurred in their organisation. This may only be the tip of the iceberg. If they did accidentally compromise company data, 25 percent of employees wouldn’t tell their boss or the IT department!
The rise of the ‘attack surface’—More weak spots on the network
The fact is, threats haven’t suddenly increased because the bad guys have decided to attack. It’s all part of a much wider change in society and in criminality. The ‘attack surface’—the range of possible entry points to corporate networks—has grown exponentially. And it increases with the purchase of each smartphone, tablet, and laptop.
The basic economic law of supply and demand is now more prevalent than ever. New black markets have emerged for data as information and technology vulnerabilities are lucrative and easily monetised assets.
So your business now faces external attacks, internal pressures, social media culture, evolving technology, and even new places for the criminal to go shopping. You may not have unlimited strength or be invisible but could a comprehensive and integrated data leakage prevention solution be your IT manager’s super power?
* ’Security Pros and Cons’—research by Dynamic Markets for Websense (September 2011)
** ‘Global Survey on Social Media Risks’—research by Ponemon Institute (September 2011)