Companies need better IT training to boost security
Wednesday, April 29, 2009
U.S. companies have been improving the policies that govern their network security with a more comprehensive approach to risk management and compliance, according to the latest annual IT security analysis from the Computing Technology Industry Association (CompTIA).
Although the number of security breaches reported in 2008 did not rise significantly from 2007, CompTIA reported greater severity of those breaches, as cybercriminals have adopted more sophisticated and evolving attacks.
Today's security risks - most frequently in the form of viruses, spam and spyware - are not stagnant. Looking forward, U.S. respondents believe that human error, phishing, social engineering, identity theft, spoofing and viruses will be the most difficult issues, CompTIA reported.
Written IT security policies are growing more comprehensive, as about 87 percent now cover mobile employees and nearly 75 percent cover mobile devices such as PDAs.
CompTIA's report said further IT training and certification will be necessary to combat security breaches caused by human error, the top reason breaches occur.
"The top reason for human-error based security breaches in the U.S. is the failure of staff to follow security procedures, demonstrating a need for further employee training and deeper knowledge of technology functions," the report said.
Related News:
FBI: Law firms and PR agencies high on hacker target lists - 11.18.2009
Using complex email scams, cyber criminals are increasingly targeting sensitive information held by law firms and public relations companies, according to an FBI advisory released earlier this month.
Phishing email takes numerous forms - 11.17.2009
The practice of impersonating authoritative websites and sources in order to convince victims to divulge personal information - known as phishing - has come a long way from the Nigerian "419" scams that popularized the technique in the public mind. Modern phishing is becoming increasingly dangerous in part because attacks can come from a variety of sources.
Email filtering technology working overtime, but spam won't go quietly - 11.16.2009
While modern email filtering systems can block 95 to 99 percent of spam messages, according to Tech Target, mountains of unsolicited email are still delivered every day, accounting for the vast majority of all emails sent.
Phishing scam targets investors, spoofs finance agency - 10.9.2009
The Financial Industry Regulatory Agency (FINRA), an independent regulator of brokerages, is warning investors that they may be targeted by a phishing scam through emails claiming to come from the agency.
Phishing scammers leak Windows Live Hotmail passwords to web - 10.6.2009
Hackers posted thousands of passwords from Windows Live Hotmail email accounts to a website over the weekend, in what Microsoft said was the result of a phishing campaign targeting the free webmail service.
|
