Security concerns over IP convergence
As viruses and malicious software bloom, senior executives across a range of industries see security as their top concern in implementing converged IP (Internet Protocol) networks, according to a joint study released Tuesday by the Economist Intelligence Unit (EIU) and AT&T. It's the second year in a row that the survey, which polled 236 executives in 50 countries, put security ahead of cost, their second greatest concern, said Denis McCauley, director of global technology research for the EIU. Security was ranked first at 26 percent, followed by implementation costs at 23 percent and the cost of new equipment at 19 percent, the study said. Nonetheless, 62 percent of the respondents expect to implement IP networks in the next three years, although 63 percent felt that processing consumer data online put them at risk of security breaches. McCauley said the study's results were not surprising so much as noteworthy in the respect that the greatest advantages of converged IP networks -- openness across the enterprise to customer and company data -- are also its greatest vulnerability. Companies are also using more mobile devices, creating more possible entry points into networks, he said. Executives, however, believe the biggest threat comes from people. The study showed that executives think most attacks come from inside their company as part of internal sabotage, spying by employees or simply unintentional mistakes. Other threats such as phishing attacks -- which mimic familiar commerce sites through e-mails to gain user names and passwords -- are expected to increasingly target commercial organizations, the study said. In "spear" phishing, employees are sent an e-mail by someone masquerading as a higher-level executive asking for personal information. It's likely the subordinates will respond quickly, the study said. "The threats are evolving," McCauley said. Increasingly sophisticated DoS (denial of service) attacks are also being directed against financial institutions, said Kees Vos, global offering manager for AT&T. The attacks are not by average kids but by professionals trying to make money, he said. AT&T, which handles between 18 percent to 20 percent of all Internet traffic, collects data in an effort to try to predict emerging security threats, Vos said. It helps in preparing a remedy since the time when a threat emerges and starts doing damage is decreasing, he said. "To wait for it to happen and react, it's always too late," Vos said.
Reproduced from an article published by InfoWorld
© InfoWorld
The original article can be viewed here:
http://www.infoworld.com/article/05/11/08/HNipconvergesecurity_1.html
Permalink Bookmark Digg this story
