Secure Computing finds insider threats are biggest worry

By Alan Harten

Secure Computing Corporation an enterprise gateway security company, today announced the results of an IT Director survey that uncovers a rising concern about insider threats and widespread acknowledgement of being unprepared for emerging Web-based attacks.

When asked whether they believed insider or outsider threats posed a bigger problem to their organisation, more than 80% of the 103 Directors surveyed prioritise insider threats (defined as either unintentional data leakage or deliberate data theft).

Less than one in five respondents, or 17%, feel that external threats posed by hackers are more dangerous.

This could in part be due to the fact that 37% of respondents have experienced leakage of sensitive information in the past year.

In line with this, internal security was at the top of IT Directors’ shopping lists when respondents were asked to rank potential future investments that included perimeter security, staff mobility and network performance.

Additional interesting survey findings include:

Email is identified as the biggest current security risk to respondents’ organizations according to 34% of respondents. Interestingly Voice over IP comes second at 25%, and is deemed a bigger threat than Web surfing (browser-related threats), which only 21% of IT Directors feel is the biggest threat. Despite this apparent confidence, however, four in five respondents, 79%, feel they could be better prepared for Web-borne threats.

Established external threats continue to be the biggest concern in a developing Web 2.0 environment. Viruses top the list of offenders, with 31% of IT Directors feeling it is the biggest threat, while spam comes in second with 18% and data leaks a close third, at 14%.

When asked to rank their biggest external security concerns, hackers are surprisingly the area of least concern, with less than a quarter, 22%, of respondents feeling they are the biggest threat. Malware appears to be the major headache, with 56% identifying it as their biggest worry.

The biggest budgets will be spent on strengthening internal security, with 35% of IT Directors identifying it as their priority planned investment. Surprisingly, considering the forecasted downturn in the economy, “IT asset management for cost savings” is the lowest priority.

IT Security is starting to be seen as a genuine business enabler - only one in 10 respondents, 11%, feel their board perceives it as a “necessary evil” whilst the remainder feel it is at least as important as any other IT project.

Over two-thirds, 68%, of respondents believe data breach disclosure should be compulsory in the UK, as it is in the United States.

Secure Computing Corporation, Details
Secure Computing Corporation is a provider of enterprise gateway security, and delivers solutions that help customers protect their critical Web, email and network assets.

Over half the Fortune 50 and Fortune 500 are part of our more than 22,000 global customers, supported by a worldwide network of more than 2,000 partners.

The company is headquartered in San Jose, Calif., and has offices worldwide.