Enterprise Security Trends Blog | HP Blogs
Keep up with the latest cyber, consumerisation, collaboration and cloud enterprise security trends from the team of HP information security professionals.

Top 10 Security Threats, Risks and Challenges: Part 2

by Richard Archdeacon, Strategy & Technology

 

Welcome to part 2 of this two-part blog post series providing a short guide to the most important threats, risks and challenges to business currently facing the enterprise CISO. In the first post I discussed Advanced Persistent Threats, Cyber Warfare Attacks, Hacktivism, Cloud and Consumerisation & Mobile Working. Here are numbers 6 to 10 in the list.

 

6 Social Networking

The rise of Facebook, Twitter and other social networks is the social and technical phenomenon of the last five years. Deeply ingrained, they pose security and logistical headaches for security people. Data can leak, they hog bandwidth, and brands can be damaged via careless postings.

 

7 Compliance

Why is compliance a threat? Because the penalties for failing to comply with new laws and data directives are getting harsher. Disclosure laws in the US mean that any business that loses customer data must make it public - with resultant brand damage. In the UK the Information Commissioner's Office is able to order organisations to pay up to £500,000 as a penalty for serious breaches of the Data Protection Act.

 

8 Software vulnerabilities

As more applications are developed in-house, software vulnerabilities are an increasing risk as they are tracked and used by hackers as a back door into the corporate network.

 

9 Complacency

The greatest risk to a business is the assumption that, because it hasn’t been attacked, everything is locked down. That’s when it gets attacked. Constant vulnerability scanning and risk assessment are the only ways to avoid complacency and maintain security readiness.

 

10 Complexity

It is estimated that many security managers are struggling to manage IT security kit from an average of 40 vendors. This creates huge problems in terms of patch management, SLA management and vulnerability management. The solution is regular and deep audits and IT hygiene programmes.

 

If you're facing any of these risks, threats and challenges, feel free to share your story below or contact us here and one of our specialists will be in touch to help.

About the Author
  • A business-first senior executive, with over 20 years of hands-on experience in defending banks, governments and corporations against cyberwarfare. My career in security started when I was employed to crack a secure system, which had locked down the boot process, whitelisting of applications and encrypted disks. I linked TeamOffice (an ICL email and collaboration system) with Microsoft Word to send an email which allowed me to do anything the person reading the email could do and send the results back to me, all without their knowledge. Having proved this vulnerability, I worked with Peter Simpson to create Defuse, a tool that blocked inappropriate actions. This successfully blocked Winword Concept, the first known malicious code in the wild. From these beginnings I have investigated all aspects of security to provide a holistic approach to security as a business enabler, and I am currently advising organisations on the suitability of the cloud to their needs.