[ISN] Executives Still Open File Attachments

From: InfoSec News (isn@private)
Date: Thu Jul 15 2004 - 01:40:23 PDT


July 14, 2004
TechWeb News 

Maybe they should add another course to MBA programs: E-mail Security 101. 

While more than three out of four senior corporate executives said
that security is their top priority, they don't practice good security
themselves, according to a survey released Wednesday by a division of
the British magazine The Economist.

The survey of 254 executives from around the world revealed that 78
percent worry most about network security.

But that same percentage also admitted that they've opened file
attachments received from people they don't know.

E-mail file attachments are the No. 1 way attackers use to drop
malicious payloads onto users' computers, but obviously the drumbeat
of 'don't open' hasn't reached upper management.

Other results of the survey done for AT&T include a slow-but-steady
climb in security expenditures, the belief that most attacks originate
within the company, and a fear of wireless.

On average, the firms polled devoted 9 percent of their IT budgets to
security in 2002, and 11 percent in 2003. This year, they anticipate
putting about 13 percent of the total IT budget into security.

The executives surveyed said they thought 83 percent of the attacks
their organizations had suffered stemmed from insiders, including
sabotage, espionage, and the catch-all “human error” category.

And these people are spooked by wireless. More than 80 percent believe
that their goals of giving remote workers access to networks and the
data stored on them leave their firms vulnerable or extremely
vulnerable to security breaches.

Help InfoSec News with a donation: http://www.c4i.org/donation.html

This archive was generated by hypermail 2.1.3 : Thu Jul 15 2004 - 02:56:11 PDT