Putting the lid on security threats

Our first Market Guide for 2008 looks at the top 10 security threats facing organisations this year.

The list has been compiled with the assistance of security experts from the vendor and analyst community and is designed as a heads-up of the most significant security nasties to watch out for. But rather than just provide a list of what's bad, we've also endeavoured to offer tips for managing the increasingly complicated security landscape.

One of the keys to effective security today is to recognise that security can't be dealt with in isolation. Converging technologies, such as voice and IP, are already demonstrating how intertwined and reliant today's applications and technologies are on each other, while social networking tools, like instant messaging and Web 2.0, are changing how technology is being used. They're also creating fresh opportunities for security attacks and breaches.

According to the experts, the focus is shifting increasingly away from endpoint attacks and towards applications - a trend which is expected to cause grief this year.

At the same time, more organisations are allowing employees to work remotely, opening a mobile security can of worms. This means resellers managing their security needs have to expand their field of vision out from the operating system or back-office network, and into individual hardware, such as notebooks and PDAs, and port devices like USB drives.

Industry experts agree end-user education continues to be the key to avoiding major security breaches. And with more sophisticated phishing, malware and botnets on the cards, more vigilance is going to be needed.

As well as the top 10, ARN's Market Guide also includes broader market statistics on emerging security threats, such as Flirtbots and Cyber espionage. One frightening statistic is the amount of money being paid for information around security vulnerabilities and exploits. Figures from Trend Micro show there's serious cash to be made in denial-of-service attacks, stolen bank account credentials or malware packages for those that have the skills. With such pecuniary enticements at hand, it's no wonder there's a thriving black market for cyber criminals.

While it's imperative resellers know the security risks and the remedies, they also need to be able to juggle those with ensuring business continuity. It's a tough job to take on, but those with a good understanding of the security issues who can proactively assist customers to avoid data breaches will only make their position with customers stronger.