Computer Crime Research Center


Gartner Reports That Viruses and Worms Are Top IT Security Threats

Date: June 27, 2005
Source: Americas Network
By: Wireless News via NewsEdge Corporation

Firewalls, intrusion detection and prevention, and anti-virus software are the high-priority defenses information technology (IT) managers are pursuing this year to combat IT security threats, according to results of a new survey released today by Gartner, Inc.

"Organizations are more concerned about viruses and worms than any other security threat," said Rich Mogull, vice president in Gartner's Information Security and Risk research practice and one of the analysts who directed the survey. "Outside hacking, or cracking, as well as identity theft and phishing also are considered significant issues/ Cyber-terrorism was ranked last among the 11 threats listed in the survey."

Phishing is an online fraud that occurs when a cyberthief sends an e-mail with a link to a false Web site where users are asked to provide personal account information.

Gartner noted that in its recent survey, respondents rated critical security threats. The results include viruses and worms, a 7.6 rating ("1" indicated "no concern at all," while a "10" meant "extremely concerned"); outside hacking or cracking, 7.1; identity theft and phishing, 7.0; spyware, 6.8; denial of services, 6.6; spam, 6.3; wireless and mobile device viruses, 6.2; insider threats, 6.2; zero day threats, 5.9; social engineering, 5.9; and cyber-terrorism, 5.6.

Conducted in May 2005, the survey included responses from 133 North American organizations with global operations and revenues exceeding $750 million. Six of 10 surveys were completed by IT managers, with 91 percent overall answered by employees in IT departments.

Half of the survey participants said they increased IT security spending this year and expected to do so again in 2006. Seven of 10 said they considered the systems and processes of the IT unit in which they work more secure than a year ago, mainly because better security controls now are in place.

More than one-third of the respondents said the need to comply with new regulatory requirements, such as those mandated in the United States by the Sarbanes-Oxley Act, was the largest factor in determining spending priorities on IT security.

In addition to firewalls, intrusion detection and prevention, and anti-virus defenses, other spending priorities in IT security include patch management, strong user authentication, remote access, vulnerability assessment, user provisioning or identity management, security event correlation and reporting, spam filtering and web-site filtering or blocking.

More than half the respondents said they preferred buying 'best-of-breed' products from multiple technology providers. Multi-vendor suites integrated under a common framework were preferred by more than one-third of the survey participants.

The survey participants work in organizations with a mean average of nearly 2,300 worldwide IT employees and a mean average of $207.4 million in worldwide IT budget.

Add comment  Email to a Friend

Copyright © 2001-2013 Computer Crime Research Center
CCRC logo