Thursday, June 16, 2005

Gartner Survey Ranks Threats

I found the article Corporates focus on basics for IT security defences by John Leyden to be interesting. He reports on a survey presented by Gartner at their recent IT Security Summit. Gartner's survey found that IT staff ranked threats as follows:

1. Viruses and Worms
2. Outside Hacking or Cracking
3. Identity Theft and Phishing
4. Spyware
5. Denial of Service
6. Spam
7. Wireless and Mobile Device Viruses
8. Insider Threats
9. Zero Day Threats
10. Social Engineering
11. Cyber-Terrorism

I am disappointed to see social engineering ranked so low. I am glad cyber-terrorism is dead last. I am surprised to see outside hacking ranked so high, even though I agree it should be a top three priority.

Here is the list I would create (if I had to call these "threats;" many of these are not "threats." I rank these "problems" or issues using a mixture of likelihood and damage inflicted. I do not agree with all the categories presented, but here is my best assessment.

1. Viruses and Worms
2. Outside Hacking or Cracking
3. Spyware
4. Denial of Service
5. Insider Threats
6. Identity Theft and Phishing
7. Social Engineering
8. Zero Day Threats
9. Spam
10. Wireless and Mobile Device Viruses
11. Cyber-Terrorism

Also according to John, "More than half the respondents said they preferred buying 'best-of-breed' products from multiple technology providers while a third of those quizzed preferred integrated security suites, a preference catered for by a growing list of firms selling integrated security appliances."

By the way, I contacted Gartner about covering the summit for this blog and they completely ignored me. Thanks guys! So much for "new media" and the "blogosphere."

2 comments:

Marcus Ranum said...

Arrgh! another bogo-survey based on a self-selected sample. Surveys in which the respondent base is uncontrolled, may be biassed, and is self-selected are actually worth less than no survey at all.

On the other hand, since it's a Gartner survey, they probably just made the numbers up anyhow, so survey methdologies aren't very important in this case.

mjr.

Iang said...

Making a list of biggest threats depends on "what's your threat model?" Which has a very important component, being "Who are you?"

Users who are being phished via their secure browser are obviously going to put phishing at the top - if they know about it. Users who have heard that malware slows down their PC will say that is worst. Companies that have to pay for IDS, firewalls experts, audits and whathaveyou will say they are the worst, even if they are being raided by trojans and don't know it!

Every one has a different threat exposure. There is no way to easily sidestep the need to analyse ones own threats, except by disengaging...