Security vendor Symantec has posted the results of its Black Hat survey conducted last week on the first day of the conference. The results show a mix of security concerns, but two particularly hot topics centered on Web 2.0 security and Virtualization.
Symantec survey details that Web 2.0 and Virtual computing are top security concerns. (IMG:J.Anderson)
Symantec's survey was taken by 500 attendees to Black Hat, coming from all walks of IT life. 21 percent were IT managers, while security researchers accounted for 17 percent (independent) and 11 percent (employed by a vendor). Executives made up a further 11 percent. The verticals ranged from high-tech and government through to banking and healthcare.
The two core areas respondents believed would experience the most security problems in the coming year were Web 2.0 and Virtualization.
The Web 2.0 fear is clear, as there are countless examples of XSS (Cross Site Scripting) and SQLi (SQL Injection) vulnerabilities currently circulating online. To address the issue, vendors such as Check Point, Symantec and McAfee have developed browser add-ons and various levels of browser-based security to block malicious Web content.
Dealing with Virtualization security needs a different approach, and security vendors are just now moving into that arena. It isn’t enough to secure the virtual machine; it's necessary to also secure the traffic that moves from the virtual network to the live network, and vice versa. Even then, there are still several steps to deal with when developing a secure virtual network; the days of a virtual network being ready to go out-of-the box are long gone.
Symantec’s survey also pointed out where the minds of IT are when dealing with information protection. According to the survey responses, 26 percent of respondents said insufficient access controls were the main cause of information leaks. In addition, lost or stolen laptops made up 23 percent, data sent to third parties came in with 21 percent and improper posting of data to the Internet, intranet, and extranet rounded out the issues with 20.
The real issue here is that all of them are valid methods to lose sensitive information and each needs to be addressed on the network. There is no single cure for any single level of IT security. The layered approach is the only approach that is worthwhile when securing a network.
To read the rest of the data gathered by Symantec’s survey, simply click here.
There are currently no comments for this article. Be the first to comment! (no registration required)
Advertising
There are currently no comments for this article. Be the first to comment! (no registration required)