As viruses and malicious software bloom, senior executives across a range of industries see security as their top concern in implementing converged IP (Internet Protocol) networks, according to a joint study released Tuesday by the Economist Intelligence Unit (EIU) and AT&T.
It's the second year in a row that the survey, which polled 236 executives in 50 countries, put security ahead of cost, their second greatest concern, said Denis McCauley, director of global technology research for the EIU. Security was ranked first at 26 percent, followed by implementation costs at 23 percent and the cost of new equipment at 19 percent, the study said.
Nonetheless, 62 percent of the respondents expect to implement IP networks in the next three years, although 63 percent felt that processing consumer data online put them at risk of security breaches.
McCauley said the study's results were not surprising so much as noteworthy in the respect that the greatest advantages of converged IP networks -- openness across the enterprise to customer and company data -- are also its greatest vulnerability. Companies are also using more mobile devices, creating more possible entry points into networks, he said.
Executives, however, believe the biggest threat comes from people. The study showed that executives think most attacks come from inside their company as part of internal sabotage, spying by employees or simply unintentional mistakes.
Other threats such as phishing attacks -- which mimic familiar commerce sites through e-mails to gain user names and passwords -- are expected to increasingly target commercial organizations, the study said. In "spear" phishing, employees are sent an e-mail by someone masquerading as a higher-level executive asking for personal information.
It's likely the subordinates will respond quickly, the study said. "The threats are evolving," McCauley said.
Increasingly sophisticated DoS (denial of service) attacks are also being directed against financial institutions, said Kees Vos, global offering manager for AT&T. The attacks are not by average kids but by professionals trying to make money, he said.
AT&T, which handles between 18 percent to 20 percent of all Internet traffic, collects data in an effort to try to predict emerging security threats, Vos said. It helps in preparing a remedy since the time when a threat emerges and starts doing damage is decreasing, he said.
"To wait for it to happen and react, it's always too late," Vos said.
This whitepaper explains the terminology and concepts behind Data Replication technologies and establishes some sizing rules through worked examples. Learn the new paradigm in disaster tolerance—protect data anywhere.
Download now »
Server virtualization is a popular option for dealing with mounting datacenter costs. Another equally promising approach is the use of an Application Delivery Controller. Citrix NetScaler provides a low-cost way for organizations to reduce their server count and accrue cost savings from a reduction in space, cooling, power and personnel.
Download now »
The emergence of WLANs has created a new breed of security threats to enterprise networks.
Included in HP ProCurve WLAN solutions is security technology that alleviates threats from WLANs through:
* Monitoring wireless activity inside and out of the enterprise
* Classifying WLAN transmissions into harmful and harmless
* Preventing transmissions that pose a security threat to the enterprise network
* Locating participating devices for physical remediation
Effectively address data protection challenges, implementing solutions that help store and protect business–critical data while cutting costs and improving efficiency and reliability.
Download now »
Sign up to receive Security Resource Alerts
This white paper provides guidance on how to develop a strategic approach to managing and monitoring logs, a key function required for compliance with many regulatory mandates and a critical defense against security threats.
Download now! »
Learn about the processes and technologies that support security information management (SIM) operations, as well as the business case for SIM. The series examines different options for implementing SIM and gives you evaluation criteria for selecting the best option for your organization.
Download now! »
Learn the strategies, actions, and capabilities that Best-in-Class organizations employ and technologies they choose to obtain superior performance against various security performance metrics. This report provides guidelines for identifying which security solutions to consume as a MSS and defines best practices for choosing and managing MSSPs.
Download now! »
Recommend This
