While IT administrators often are off the mark when it comes to some of
their security concerns, they’re right on target when they list the top
threat to their networks — viruses and worms.
A recent survey of 133 major North American companies shows that IT
administrators and chief security officers are most concerned about worms
and viruses attacking their systems, according to Gartner, Inc., a major
industry analyst firm based in Stamford, Conn. And while analysts say
techies are smart to worry about malware, another Gartner report says
they’re sometimes off on the wrong track.
”When you look at what organizations struggle with day-to-day, viruses
and worms are definitely at the top of the list,” says Rich Mogull, a
research vice president at Gartner. ”Though insider threats and a few
other problems may be more devastating, if you don’t manage viruses and
worms, you’re not going to be able to carry out business on a daily
basis.”
Mogull says if you judge the threats by potential damage, then insider
threats might top the list. But those kinds of attacks, thankfully, are
less frequent. Worms and viruses top the list through sheer volume.
Ken Dunham, director of malicious code at iDefense, Inc., a security
intelligence company based in Reston, Va., says malware is highly
dangerous because it uses our own weaknesses against us.
”The reality is that malicious code is more about the exploitation of
corporate weaknesses,” says Dunham. ”You might have issues with a lack
of communication and unpatched systems. That makes malicious code a core
problem.”
Here is how the IT managers in Gartner’s survey rated the threats to
their organizations:
But Gartner analysts say at least one threat on that list shouldn’t be
there.
The analyst firm recently released a report noting the top five
over-hyped IT security threats. Some risks have been greatly exaggerated,
largely by security vendors looking to increase their bottom line, says
Mogull.
”The analysts who put that list together looked at hype and tried to
determine if the hype was equal to the threat,” says Mogull. In at least
five cases, Gartner analysts concluded that it was not.
Here is Gartner’s list of over-hyped IT threats:
and virtual private networks;
”Many businesses are delaying rolling out high productivity
technologies, such as wireless local area networks (WLANs) and IP
telephony systems, because they have seen so much hype about potential
threats,” says Lawrence Orans, principal analyst at Gartner.
”We’ve also seen the perceived need to spend on compliance reporting for
Sarbanes-Oxley hyped beyond any connection with the reality of the
legislation,” adds John Pescatore, vice president and Gartner Fellow, in
the written report.
Gartner’s Mogull says there are different issues behind each over-hyped
threat.
With hot spots, Mogull says there definitely is risk, but it’s not as
great as many people believe it to be. ”If you follow good security
practices, you don’t have to worry about that too much,” he says. ”If
you have an SSL or a VPN connection, like you would connecting to any
corporate network, they can’t sniff that traffic because it’s
encrypted.”
As for compliance issues, the investments that vendors are talking about
may far exceed your needs.
”It’s not that you don’t need to be compliant, but if you follow good
security practices, then you’re 90 percent compliant,” adds Mogull.
”Basically, what we’ve seen is that everyone in the world is trying to
jump on this compliant band wagon. In some cases, you may need to make
investments, but overall, we recommend you be smart about how you do
security, and you look at closing gaps. Don’t ignore compliance but be
aware that there’s an incredible amount of hype around it.”
When it comes to worrying about mobile devices and worms, Mogull and
other analysts at Gartner say not to worry nearly so much.
”There have been a couple viruses, but no mass propagation of malicious
code,” says Mogull. ”Anti-virus companies love to issue press releases
on this because there’s a lot more mobile devices than PCs in the
world… or at least there will be soon.
”IT should secure mobile devices but they shouldn’t be investing in
anti-virus software for PDAs,” adds Mogull. ”Focus on secure
connections and securing data in case a PDA is lost in an airport.”
What it comes down to is ignoring the hype.
”Beware of the hype. Understand what the real security issues area,”
adds Mogull. ”Just because there are a couple of news articles or a
billion vendors knocking down your door, it doesn’t mean it’s actually a
security problem for you.”
Dunham at iDefense says there’s an awful lot to worry about when it comes
to security, in general. It’s a matter of figuring out what to worry
about the most.
”As more and more threats emerge, it’s getting to be very complicated
and difficult for anybody to prioritize the greatest risks,” says
Dunham. ”They’re looking for ways to survive the daily deluge of
threats. It’s all about prioritization today.”
Huawei’s AI Update: Things Are Moving Faster Than We Think
FEATURE | By Rob Enderle,
December 04, 2020
Keeping Machine Learning Algorithms Honest in the ‘Ethics-First’ Era
ARTIFICIAL INTELLIGENCE | By Guest Author,
November 18, 2020
Key Trends in Chatbots and RPA
FEATURE | By Guest Author,
November 10, 2020
FEATURE | By Samuel Greengard,
November 05, 2020
ARTIFICIAL INTELLIGENCE | By Guest Author,
November 02, 2020
How Intel’s Work With Autonomous Cars Could Redefine General Purpose AI
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
October 29, 2020
Dell Technologies World: Weaving Together Human And Machine Interaction For AI And Robotics
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
October 23, 2020
The Super Moderator, or How IBM Project Debater Could Save Social Media
FEATURE | By Rob Enderle,
October 16, 2020
FEATURE | By Cynthia Harvey,
October 07, 2020
ARTIFICIAL INTELLIGENCE | By Guest Author,
October 05, 2020
CIOs Discuss the Promise of AI and Data Science
FEATURE | By Guest Author,
September 25, 2020
Microsoft Is Building An AI Product That Could Predict The Future
FEATURE | By Rob Enderle,
September 25, 2020
Top 10 Machine Learning Companies 2020
FEATURE | By Cynthia Harvey,
September 22, 2020
NVIDIA and ARM: Massively Changing The AI Landscape
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
September 18, 2020
Continuous Intelligence: Expert Discussion [Video and Podcast]
ARTIFICIAL INTELLIGENCE | By James Maguire,
September 14, 2020
Artificial Intelligence: Governance and Ethics [Video]
ARTIFICIAL INTELLIGENCE | By James Maguire,
September 13, 2020
IBM Watson At The US Open: Showcasing The Power Of A Mature Enterprise-Class AI
FEATURE | By Rob Enderle,
September 11, 2020
Artificial Intelligence: Perception vs. Reality
FEATURE | By James Maguire,
September 09, 2020
Anticipating The Coming Wave Of AI Enhanced PCs
FEATURE | By Rob Enderle,
September 05, 2020
The Critical Nature Of IBM’s NLP (Natural Language Processing) Effort
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
August 14, 2020
Datamation is the leading industry resource for B2B data professionals and technology buyers. Datamation's focus is on providing insight into the latest trends and innovation in AI, data security, big data, and more, along with in-depth product recommendations and comparisons. More than 1.7M users gain insight and guidance from Datamation every year.
Advertise with TechnologyAdvice on Datamation and our other data and technology-focused platforms.
Advertise with Us
Property of TechnologyAdvice.
© 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this
site are from companies from which TechnologyAdvice receives
compensation. This compensation may impact how and where products
appear on this site including, for example, the order in which
they appear. TechnologyAdvice does not include all companies
or all types of products available in the marketplace.
