Information Security

Activate your FREE membership today  |  Log-in

  • Visit other TechTarget ANZ sites: 
Home  >  News  >  SurveyWatch: High-risk threats on the rise despite overall wane
Posted
Feb 13, 2008

SurveyWatch: High-risk threats on the rise despite overall wane

Tools: Print article Email a friend RSS Feeds

Between 2006 and 2007, computer security threats and vulnerabilities decreased, but the proportion of high-risk threats increased by 28%, as found by the X-Force research and development team for IBM's Internet Security Systems (ISS) department.

High security threats were defined as access to immediate remote and local information, or immediate execution of code or commands with unauthorised privileges. Further examples include most buffer overflows, backdoors, default or no password, and bypassing security on firewalls or other network components.

This figure was one of many released in the company's report yesterday, titled 'IBM Internet Security Systems X-Force 2007 Trend Statistics'. The report was presented by Tony Best, general manager of the company's software group in Australia and New Zealand; Peter Allur, program manager for Intelligence & Vendor Relations from the ISS based in the US; and Andrew Gontarczyk, senior managing consultant of the company's Global Business Services.

The findings of this report are set to determine the planning and production of security defences throughout 2008, both software and security practices, across a large group of security software vendors.

The report also revealed the top five software providers, in order of those that experienced the most security threats and vulnerabilities, starting with Microsoft, Apple, Oracle, moving onto IBM and Cisco — of which almost 50% of threats were left unpatched and unresolved. This figure is particularly damaging with the knowledge that most malware has anywhere between 3"“7 techniques for attacking a computer system.

The company's ISS has collected data on computer threats and vulnerabilities since 1997, one of the longest running archives, which reveals why the communication of their knowledge and information with other software companies and security vendors is vital.

"Collaboration and communication across these companies, and even our own departments, is important in bringing about the protection and security required to protect a business's or customer's intellectual information," said Gontarczyk.

"It's important for a business to create a security threat procedure to manage and record threats to their computer systems. Keeping a record of threats is most important. It's also vital to have a holistic view of your computer security defences, including software and employee practices."

For further information, visit www.ibm.com.

© 2008 TechTarget ANZ. All Rights Reserved. Designated trademarks and brands are the property of their respective owners. Use of this web site constitutes acceptance of the TechTarget ANZ Terms and Conditions and Privacy Policy.

TechTarget ANZ sites: SearchCIO.com.au | SearchNetworking.com.au | SearchSecurity.com.au | SearchStorage.com.au | SearchVoIP.com.au

WF Online community sites: ElectricalSolutions | ElectronicsOnline | FoodProcessing | InMotionOnline | LabOnline | ProcessOnline | RadioComms | SafetySolutions | SustainabilityMatters | Voice&Data

Copyright © 2008 Westwick-Farrow Pty Ltd. All rights reserved.
About Us | Contact Us | TechTarget