Every system has weak points, points of possible failure. A primary principle of engineering is analysis of failure points in order to avoid a catastrophic failure of any given system. But here's something more engineers should consider. The single biggest security threat faced by corporate networks is now internal employees, and mostly by way of their incompetence. People are stupid. They can not do their jobs. They can not operate the machinery of modern civilization.
"Financial fraud and viruses caused most of the monetary losses, but both have fallen in frequency over the last few years. Only 12 percent of all respondents reported financial fraud at their institutions. Viruses, which used to plague 90 percent of all companies in 2001, now affect only 52 percent.
"It's internal users who are now causing the greatest number of problems, though they may also cause minimal damage. Hiding porn on an office PC, using unlicensed software, and abusing e-mail all count as security incidents, though all pale in comparison to one successful phishing trip. These sorts of internal incidents can be pesky, though, and 59 percent of all respondents had to deal with them in the last year."
No comments:
Post a Comment