Cybercrime strikes more fear than NSA spying

Despite the NSA and Snowden controversy dominating news headlines and sparking a serious privacy debate, findings from a new AppRiver, LLC survey show that IT security professionals consider external threats from cybercriminals to be the more concerning issue facing the security of organisations’ sensitive information today.

  • 10 years ago Posted in

“While the debate over the NSA and its authority does carry importance, this survey clearly demonstrates that IT security pros are more concerned with cybercriminals than government action,” says Fred Touchette, senior security analyst at AppRiver. “These are the people who deal with security every day, whose jobs depend on keeping networks secure, and who see threats as a practical problem, not a theoretical or philosophical issue.”


More than 110 attendees at RSA Conference 2014 took the survey, which was conducted via in-person interviews by AppRiver, a leading provider of email messaging and Web security solutions.
When asked to name the most dangerous threat to the security of their organisation, the response breakdown follows:
· 56.2% of respondents report cybercrime from external sources as most problematic
· 33% say insider threats with non-malicious intent give them the most trouble
· 5.3% blame malicious insiders for causing the biggest security headache
· 5.3% point the finger at external threats from government as chief offender


Malware, including email-borne and web-based threats, topped the list of most concerning threat vectors followed by personally identifiable information (PII) and social engineering. The majority of respondents, 71.4%, cited people as the most frequent (or most likely) point of failure for IT security. 21.4% faulted process and 7.2% labeled technology as the weak link.


“As a new breed of cybercriminal gets more sophisticated, IT security pros believe employees are not prepared for the more serious threats,” Touchette continues. “This chasm demands a comprehensive security strategy that takes into account all threat vectors from technological and human standpoints. Organisations need a layered security approach that includes technology, training, awareness and enforcement to keep both inadvertent and intentional attacks from happening.”


Despite the Snowden incident, more than two thirds of respondents do not think it is time to ask employees to take psychometric tests to determine their honesty. When asked if IT security pros themselves would be willing to take such a test as a condition of employment, more than 65% said yes.
 

Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Atos has launched Atos OneCloud Sovereign Shield, a set of solutions, methodologies, and...
New distribution agreement set to bolster Westcon-Comstor’s Zero Trust offering in more markets...
Research from Avast has found that employees in almost a third (31%) of Small and Medium...
This year, over half of MSPs or their end customers have been attacked by ransomware but only 53%...
Trend Micro has published new research revealing that 90% of IT decision makers claim their...
Cyber consultants call on businesses to act now, or risk budgets shrinking further in ‘real...