The CIO Was Right: Web 2.0 Is Dangerous - InformationWeek
IoT
IoT
IT Leadership // CIO Insights & Innovation
Commentary
7/30/2008
11:51 AM
John Soat
John Soat
Commentary
50%
50%
RELATED EVENTS
Faster, More Effective Response With Threat Intelligence & Orchestration Playboo
Aug 31, 2017
Finding ways to increase speed, accuracy, and efficiency when responding to threats should be the ...Read More>>

The CIO Was Right: Web 2.0 Is Dangerous

CIOs have gotten a reputation -- rightly or wrongly -- for dragging their feet when it comes to Web 2.0 initiatives like social networks and application mash-ups. The reason: security. Now it appears they may have been justified.

CIOs have gotten a reputation -- rightly or wrongly -- for dragging their feet when it comes to Web 2.0 initiatives like social networks and application mash-ups. The reason: security. Now it appears they may have been justified.According to a news story by my colleague Tom Claburn, many legitimate sites are increasingly rife with malware:

Seventy-five percent of Web sites with malicious code are legitimate Web sites that have been hacked, according to a new security report issued by Websense that covers the first two quarters of 2008. This represents a 50% increase over the previous six-month period.

A lot of this has to do with the rise in Web 2.0 technology. Ninety of the 100 most-visited sites on the Web are either social networking or search sites, according to Websense, and 60% of those "either hosted malicious content or contained a masked redirect to lure unsuspecting victims from legitimate sites to malicious sites."

Social networks like Facebook and MySpace always have been seen as a potential sieve for confidential corporate information. That's why many companies seeking to exploit that collaboration technology for marketing or communication purposes have set up their own internal social networks. Whether to allow employees access to those outside social networks from the corporate network is an ongoing debate.

Application mash-ups are another thing. According to Websense, free online tools from Google and others host a panoply of malicious content. Fearing that, many CIOs have been trying to hold back the widespread use of those tools by line-of-business managers and savvy users, particularly in vertical industries where confidential data might be exposed, such as the financial services industry. However, those CIOs often are characterized as fearing loss of control more than security lapses. Here's a blog I wrote on that subject.

Does this new security data from Websense mean CIOs have been right all along?

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
IT Strategies to Conquer the Cloud
Chances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.
Video
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll