Study: Companies Dive Into Web 2.0 Without Securing Risks - InformationWeek
IoT
IoT
Software // Enterprise Applications
News
10/3/2007
12:56 PM
50%
50%
RELATED EVENTS
[Cybersecurity] Costs, Risks, & Benefits
Feb 28, 2017
How much should your organization spend on information security? What's the potential cost of a ma ...Read More>>

Study: Companies Dive Into Web 2.0 Without Securing Risks

A Forrester Research study reveals the vast majority of enterprises adopt Web 2.0 technologies without preparing to fend off the related threats.

While the majority of enterprises are using Web 2.0 technology, they're not prepared to deal with the security risks that come along with it, according to a study released Wednesday.

Forrester Research surveyed 153 IT professionals and found 96% said they are not only using Web 2.0 technologies but their companies are finding value in them. The problem is that the companies may have made the leap into Web 2.0 without thinking about the security consequences. A full 90% reported that they are at the least "very concerned" about related threats.

"Today, the Internet is beleaguered with threats such as phishing, viruses, spyware, and botnets, all threatening to challenge your business operations," said Chenxi Wang, a principal analyst with Forrester, in a written statement. "Forrester's study ... reveals that most companies are slow to respond to the latest threats, or aren't sure what to do to adequately secure. We have found that most companies that have implemented any kind of Web protection have only installed URL filtering and signature scanning. Yet, malware writers are now using the Web as a primary vehicle to propagate a plethora of new threats undeterred by traditional security means. The need for more effective Web protection has never been greater."

The study, which was commissioned by security software vendor Secure Computing, showed that there's a gap between security perception and the reality.

According to Forrester, while nearly 97% of those surveyed said their companies are prepared for Web-borne threats, 68% admitted there is room for improvement. The survey also showed that 79% reported being hit with malware attacks fairly frequently. And 46% of them reported spending more than $25,000 in the last fiscal year for malware cleanup alone.

Business managers and marketing heads like the idea of the customer-generated content that Web 2.0 offers. An automobile maker, for instance, might start a social network, allowing customers to write about their experiences and post pictures and video of road trips.

The problem is that malicious hackers are increasingly focusing their attention on using Web 2.0 technologies as entries into unsecured companies. Hackers and spammers, for instance, can create their own pages on social networking sites and riddle them with malicious code to infect their social networking peers. One worm planted in a MySpace page infected more than 1 million users. And malware writers are beginning to target vulnerabilities in Ajax-based applications, which help make the Web 2.0 sites so dynamic.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
Annual IT Salary Report 
Base pay for IT professionals has remained flat this year with a median annual salary of $88,000 for staff and $112,000 for management. However, 58% of staff and 62% of managers who responded to our survey say they're satisfied with their compensation. Download this report to find out which positions earn the highest compensation.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of November 6, 2016. We'll be talking with the InformationWeek.com editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll