Symantec: Beware Insider ThreatsNew Study Shows Internet Vulnerabilities Drop, Yet Risks Rise
There's some good news on the cybersecurity front, for a change: The number of Internet vulnerabilities identified by Symantec dropped 20 percent last year, according to the security technology company's just-released annual Internet Security Threat Report.
See Also: What is next-generation AML?
The tone of the rest of the report, however, isn't so optimistic. In fact, it's downright gloomy, as the company cautioned the IT security community about an 81 percent uptick in malicious attacks and the expectation of more to come in 2012.
IT managers jittery about defending their organizations' information systems should look over their shoulders from time to time.
And here's another worrisome factoid: IT managers jittery about defending their organizations' information systems should look over their shoulders from time to time. The insider, as we've been told time and time again, remains - and is likely to continue to be - one of the biggest threats.
"While external threats will continue to multiply, the insider threat will also create headlines, as employees act intentionally - and unintentionally - to leak or steal valuable data," Symantec notes.
Why? Because we're not doing enough to educate employees and customers about security and risk.
Symantec's Global Intelligence Network monitors hacking and Internet attacks in more than 200 countries and territories. It also maintains a database that holds almost 48,000 recorded vulnerabilities from nearly 16,000 global vendors. So, Symantec's analysis is one of the best available, at least where Internet security threats and trends are concerned.
The actual number of Internet vulnerabilities identified by Symantec dropped 20 percent from 2010, and Symantec, for its part, blocked more than 5.5 billion malicious attacks in 2011 -- 81 percent more than it blocked the previous year.
Hacking exposed more than 187.2 million identities last year, Symantec found. But the root of most data breaches is not linked to hacks; it's linked to old-fashioned theft and/or sloppy security, such as through the loss of a laptop.
Top-Ten Sectors By Number of Data Breaches
We see a lot of these so-called low-tech breaches on the healthcare side. In 2011, Symantec found that among the top 10 sectors for data breaches, healthcare ranked No. 1 - accounting for 43 percent of the breaches reported among those 10 sectors. Government ranked No. 2 - 14 percent; education ranked No. 3 - 13 percent; and financial ranked No. 4 - 8 percent.
I point that out to show how critical education is. The government and financial sectors, though still among the top 10 for data breaches, are much more sophisticated when it comes to security. They've spent decades protecting data. In the healthcare space, that level of sophistication is not there, and it shows.
And here is why education is becoming increasingly critical: Fraudsters are perfecting their abilities to target and manipulate. Well-crafted socially engineered schemes that take advantage of common user behavior are the problem. Technology can only go so far.
In the end, you have to train staff members and customers not to click suspicious links or provide personally identifiable information to someone they don't know. But we see it happen more and more every day.
Targeted Email Attacks, By Top-Ten Industry Sectors, 2011
Source: Symantec Cloud
This is why targeted attacks, like spear phishing, are so successful. And it's why concerns about mobile security are mounting, because we know that user behavior on mobile devices is, if anything, insecure.
Symantec does offer advice, such as keeping antivirus software up-to-date and enforcing effective password policies. All important, but without the education piece, we won't have a fighting chance.