When the results of InformationWeek Research's annual Information Security Survey came in a few weeks ago, we were surprised to see that 84% of survey participants don't believe their organizations are more vulnerable to malicious-code attacks and security breaches than a year ago. Do these people run their computer operations in an airtight biosphere somewhere? With Wi-Fi, cell phones, and Bluetooth, even that wouldn't be safe these days.
The answer appears to be that IT professionals simply aren't intimidated by the threats that keep coming. Worms, viruses, Trojans, keystroke loggers, phishing, pharming, denial-of-service attacks, software vulnerabilities, cracked passwords, spyware--they're all in a day's work. Survey respondents apparently believe they've got the systems and processes in place to deal with the increasingly complex threats.
That's reassuring, but worrisome, too. Are businesses really that well prepared for the next PC-crashing, data-stealing, multimodal attack bot that comes sneaking their way? Sure, firewalls and intrusion-detection systems are in place, and the arrest late last week of two men suspected of creating and distributing the Zotob worm is encouraging. But then, there are those data-archiving tapes that have gone missing. And credit-card accounts that were recently hacked. And the narrowing window between the time a software patch gets issued and an exploit goes after the hole it's meant to cover.
So, the question, "Is your company more vulnerable?" is as much about perception as reality. Here's hoping the gap between the two isn't as big as it seems.
5 Top Federal Initiatives For 2015As InformationWeek Government readers were busy firming up their fiscal year 2015 budgets, we asked them to rate more than 30 IT initiatives in terms of importance and current leadership focus. No surprise, among more than 30 options, security is No. 1. After that, things get less predictable.