New reports says, through 2005, 20 percent of enterprises will experience serious security incident
Stamford, CN — August 8, 2003 — With more than 600 million individuals worldwide now on the Internet, cybercriminals are taking advantage of users, enterprises and unsecured systems to usher in a new era of high-profit, low-overhead crimes, according to Gartner Inc.
Gartner analysts said that through 2005, 20 percent of enterprises are set to experience a serious (beyond virus) Internet security incident. These crimes are targeting information and intellectual property. The firm said that while the majority of enterprises will not face such an attack, companies must still take the proper precautions. Being a victim of one of these security incidents could be much more costly for enterprises if they don't protect themselves.
"It takes only one unsecured machine on a network to create potential risk for everyone else," said Richard Hunter, vice president and Gartner Fellow. "The risks and the costs of defenses are high, and the trend is moving both upward."
Gartner's assessment is that, at its highest level within the enterprise, information security's top vulnerabilities are fundamentally insecure commercial software, inadequate patch update models and misguided users who believe crime happens to "someone else."
While companies try to address those security issues, a number of new technologies will add to their challenges. Gartner said Web services would produce discontinuities in new application security. Unsecured wireless local area networks (LANs) represent a serious point of potential failure for enterprise networks, and instant messaging is creating worrisome holes.
"As enterprises turn their collective attention away from tactical security issues stemming from homeland security initiatives and back to infrastructure security, they will witness an evolution from after-the-fact improvements to more secure and thus more expensive products," said Victor Wheatman, managing vice president for Gartner.
Gartner said its new report, "Securing the Enterprise: The Latest Strategies and Technologies for Building a Safe Architecture," describes ways in which security organizations can monitor risks, assess defenses and create more secure enterprises. Topics addressed in the report include the "Cyber-Threat" Hype Cycle, which details the progression of a number of important cyber-threats; the role of government in fighting cybercrime; how to build and manage a computer incident response team; issues and strategies for IT security management; business continuity and disaster recovery management; and the importance of implementing wireless and mobile security measures.
The 250-page Gartner security report is part of a five-set series from Gartner Press that provides buyers with printed reports on topics of interest to today's business and IT executives.
For more information on how companies are dealing with security issues within their own four walls, see the October/November 2003 issue of Supply & Demand Chain Executive (formerly iSource Business Magazine).