Malware and phishing (phishing) continue to be seen by the company as the biggest cyber threat – according to the Global Information Security Survey EY. EY expert warns that many entrepreneurs do not deal with hackers.
“E-mails that are confusingly similar to those sent by banks, courier companies and insurers are becoming increasingly common challenge for management companies” – said at Tuesday’s presentation of the results of 18 Global Information Security Survey EY specialist. IT risk management in EY Michael Kurek
As pointed out, the problem is even more serious that access to malicious software is not the exclusive domain of sophisticated hackers. “Currently, the underground black market of Internet is so developed that buying software exploits for the layman is not basically no problem,” – he stressed.
By Kurka compared with the previous editions of research in which entrepreneurs as a source of the greatest threat pointed to carelessness own employees in this year’s survey, most respondents indicated that the most serious threats come from the outside. How rating is due to the growing awareness that criminal groups are so specialized that they are able to act as inconspicuously as employee inside.
“By this attack is often detected by third parties, not the teams responsible for cyber security companies. The companies are vulnerable because, as pointed respondents do not have an adequate budget or can not obtain from the market appropriately qualified specialists. Through this only 12 per cent. of the respondents feel that their unit responsible for security working properly “- said the expert EY.
In his view, companies still find it difficult to detect, they are attacked. “When we analyze the loud incidents we see that company for many months, and sometimes years, are not aware that they are under attack. During this time, a hacker can do a lot. The companies hard to gather information together and detect bodies in her acting. It’s hard It is also to calculate the losses caused by the attack, because often they relate to the company’s image, “- said Kurek.
He stressed that Polish companies still do not see the whole of its cyber security and often believe that it is limited to the issue of appropriate technology.
“Only when technology is combined with the procedures and suitably qualified personnel, it gives the security level. Otherwise, the omission of the human factor can lead to a false sense of security – the management is convinced that spending a lot of money is safe. It is easier to spend money on technology than to understand that you should really take care of the selection and verification of the people responsible for the security of information “- says Kurek.
He also stressed that a good solution is to outsource cyber security, which is commissioned to take care of business security to specialized companies. “Often the company, which operates 50 banks in terms of security, much better versed in the dangers and attacks than individuals of security in individual banks,” – said Kurek.
In the 18th Global Information Security Survey 1755 was attended by representatives of companies from 67 countries – including Polish. They were mostly persons responsible for the information technology or IT security of 25 sectors. The survey was conducted between June and September of 2015. (PAP)
rcze / fumes /
No comments:
Post a Comment