http://gcn.com/articles/2011/08/30/endpoint-security-low-tech-threats.aspx By William Jackson GCN.com Aug 30, 2011 Sophisticated attacks using Advanced Persistent Threats are top of mind for nearly two-thirds of government IT officials in a recent security survey, but too little attention often is being paid to the low-hanging fruit being exploited by low-tech attacks. “The results reinforce what we have known for a while,” said Dan Brown, director of security research for Bit9, the security company that did the survey. “The bar is not as high as we would like to think.” The survey showed what Brown called “gaping holes” in security policy and practices that can let malicious code into an enterprise through unmanaged devices and downloading of applications. Although most government organizations and defense contractors represented in the survey restrict some administrative rights of end users, 7 percent have no restrictions, and security too often relies on written policies without enforcement. As a result, two-thirds of respondents allow some downloading of software and 40 percent of them found spyware on computers. Nearly a third of them found known viruses and malware, as well as some zero-day exploits. [...] _____________________________________________________________ Register now for the #HITB2011KUL - Asia's premier deep-knowledge network security event now in it's 9th year! http://conference.hitb.org/hitbsecconf2011kul/Received on Wed Aug 31 2011 - 02:30:04 PDT
This archive was generated by hypermail 2.2.0 : Wed Aug 31 2011 - 02:31:04 PDT