Insiders, not cyberterrorists, main threat to IT security
Insiders, not cyberterrorists, main threat to IT security
Companies that want to be maintain complete vigilance against the threat of attacks to their IT infrastructure should keep a closer eye on their own employees rather than the as-yet unrealised threat of cyberterrorism.
That was the warning issued to a group of IT professionals from two cybersecurity experts in their address to the 2003 Gartner IT Security Summit, in Washington.
Richard Hunter, vice president of Gartner and co-chairman of the conference, and James Lewis, director of the Centre for Strategic and International Studies (CSIS), suggested that the loss of intellectual property as a result of the actions of employees and small time hackers was what companies should be focusing on as such occurrences were commonplace, whereas a large cyberterrorism attack had yet to happen.
"You get a lot of attention on cyberterrorism and Osama bin Laden sitting in front of a keyboard, but you ought to be more worried about insiders. The primary target is companies, and we probably put not enough effort into thinking about how to protect them."
Lewis noted that while the US had been subjected to no les than 1800 physical terrorism attacks since 1995, not a single act of cyberterrorism had taken place in the same period of time.
The availability of more powerful technology will see individual hackers pose a greater threat to both security and privacy, added Richard Hunter, a vice president at Gartner and co-chairman of the conference. By 2008, Gartner estimates home computers will have 40-GHz processors and 1.3T bytes of storage, leading to both beneficial and dangerous uses of home computers.
Meanwhile, Gartner estimates that for the first time in history, the average spend of a company's IT budget on security will rise above five per cent. That spending level means that security spending will have grown at a compound annual growth rate of 28 percent since 2001, while IT budgets have grown at a compound annual growth rate of only 6 percent over that same time period.
"The focus on critical infrastructure protection means that the government, utilities, transportation and energy sectors will be forced to spend more on security," said John Pescatore, vice president and research fellow at Gartner.
He added: "In addition, increased enforcement of copyright laws and liability concerns will force universities to increase security spending. Those vertical industries will be the most attractive targets for security vendors."
Related Article: