Top IT Threats
Firewalls, intrusion detection and prevention, and antivirus software are all high-priority defenses IT managers are pursuing this year to combat IT security threats, according to a new survey released by Gartner. Viruses and worms ranked the highest among the 11 threats revealed at Gartner's 11th annual IT Security Summit this week.
After viruses and worms, the list of IT security threats were:
outside hacking or cracking
identity theft and phishing
spyware
denial of service
spam
wireless or mobile device viruses
insider threats
zero day threats
social engineering
cyber terrorism
The survey included responses from 133 North American organizations with global operations and revenues exceeding $750 million. Six of every 10 surveys were completed by IT managers; 90 percent were completed by employees in IT departments. All the participants work in organizations with a mean average of roughly 2,300 worldwide IT employees and an average worldwide IT budget of $207.4 million.
Esteban Kolsky, analyst at Gartner, says that the increasing number of security breaches is putting pressure on senior-level management and executives to make sure their company's IT department isn't hit. "Most IT budgets are done using the top-down approach," he says. "At the top of an organization, whatever is getting more publicity and press time tends to be a more predominate issue. You'll have a vice president or executive who wants to protect themselves and their job from a security breach."
Half of all participants said they increased IT security spending this year and expected to do so again in 2006. Seven of 10 said they considered the systems and processes of the IT unit in which they work more secure than a year ago, mainly because better security controls and solutions are now in place. In addition to firewalls, intrusion detection, and antivirus defenses, other spending priorities in IT security include patch management (or protection updates), strong user authentication, remote access protection for wireless and mobile devices, identity management, and spam filtering.
More than half of respondents said they preferred buying best-of-breed products from multiple technology providers. Less than one-third of participants preferred multivendor suites integrated under a common framework. Kolsky believes this choice stems from best-of-breed vendors being able to provide more power and functionality by specializing in certain areas. "Best-of-breed is still seen as being more powerful, more capable of providing protection for certain areas," he says. "Secondly, the market hasn't evolved enough for multivendors to be compared to best-of-breed. Every market goes through an evolution, best-of-breed to suite to powerful suite. This market hasn't moved to powerful suites. It's still split between best-of-breed and suites."
Related articles:
Fear and Loathing in the Database
Enlisting CRM to Fight Spyware