According to a recent survey by Imperva German IT Security Manager, insider threat is the greatest danger when it comes to data loss within corporate networks (54 percent) came from. Far fewer respondents took the opportunity to even someone (25 percent) believed the debt, much less that hackers were responsible for data theft incidents (21 percent) in the first place. Another result showed that 70 percent of the respondents were not planning to outsource mission-critical or sensitive data as part of a cloud-project to an external service, in the next twelve months.
The survey findings correlated with the latest IT security trends for 2011 which Imperva published in their annual report in November. Analysis of data security incidents by the Imperva Application Defense Center (ADC) in the past year showed that IT security managers will have to face 2011 with challenges in three key areas:
- The protection of mobile devices will play a more important role. Providing more complex identification and authentication solutions for mobile devices will become a particular area of focus due to the expected increase in the volume of mobile malware attacks.
- A late reaction. Companies will start to move part of their data storage and applications to the Cloud, culminating in the gradual establishment of Cloud-based data security solutions by the end of 2011.
- Possible increase in the State support of cyber-attacks such as Stuxnet will build on the concepts and techniques of the commercial hacking industry; thus an increase in unnoticed and ongoing spy networks (Advanced Persistent Threats (APT)) will be made possible.
Dietmar Kenzle, regional sales director DACH & Eastern Europe: “Employees within an organization that have privileged rights, i.e. the” Insider “are increasingly in the focus of IT security managers.” The ability to direct access to corporate databases is enough motivation for a regular employee in a potential criminal. The database server is the usual destination for insider staff as they a bastion that easy to carry and is also very rewarding. To prevent sensitive data in the wrong hands company should the possible scenarios and methods of criminal Insider. Through the use of appropriate tools, E.g. third cloud providers, can security compromises averted or at least mitigated. ”
Kenzle added: “other concerns are in the transmission of sensitive data in the cloud is certainly obvious it common problems in the near future as current research shows that many enterprises still skeptical over many feel this step the risks..” are stored with all their information in a virtual layer too large, it remains to be seen, what security mechanisms is the most reliable protection are using one be Web application firewall. -especially in a third managed service – a major building within a security framework for the cloud is made to block. ”
Amichai Shulman, CTO of Imperva, said:.. “We expect in the coming months, significantly different threat scenarios, information security manager provides a number of major challenges, the biggest potential threat is detected by the proliferation of advanced mobile devices to corporate networks to access I expect that next year we will see the first major data security incident, caused by such high-risk devices also incidents which will be based on advanced techniques for permanent spying networks become an increasingly major problem for the company -. the political and financial gain the most prominent driving forces of these issues. “