
WatchGuard identifies top five threats to the enterprise


WatchGuard Technologies, one of the key players in the secure appliances and unified threat management (UTM) field, has just released a summary of research conducted by its Rapid Response team. By tracking attack patterns over the last three years, the team has identified the five key threats afflicting the enterprise:

  • DNS system attacks
  • Virus and malware
  • Buggy Web applications
  • Hacking for profit
  • End users

Obviously, unless you just started using a PC this morning, the above list would hardly be a revelation.

Still, it got me thinking about what TR members and other IT professionals would consider their foremost headache on a day-to-day basis. It has been a while since we last did a poll, so here goes.

You can read the WatchGuard press release here.

Tell us more about the threats that you face in your organization.


About

Paul Mah is a writer and blogger who lives in Singapore, where he has worked for a number of years in various capacities within the IT industry. Paul enjoys tinkering with tech gadgets, smartphones, and networking devices.

16 comments
brunofgmarques

The users are our biggest threat; a big part of enterprise attacks comes from inside, usually from end users.

MinJRB

After you troubleshoot them, just shoot them!!! Once in the head to conserve ammo for the replacements! See? Simple!

TG2

End users are, of course, the worst thing in computing today. They all know about the warnings, and it never applies to them. I've had managers, owners, C** (cio,cfo,ceo,c*whatever*whatever) all pull the stupid stuff. Some are dumb enough to admit as much, like the emails I receive: "I got an email from an old ex-employee I hadn't chatted with in a while, it had a file in it and I double clicked it.. I know I shouldn't have but now I can't get to X, Y, or Z". It's not that *they* are stupid, but just that it's not in the front of their minds that *THEY ARE* the front line defence against the stupid stuff.. and all too often they fall victim to it..

Kenton.R

As Ron White says, "you can't fix stupid." No matter how much you prepare, somewhere there is a moron ready to give away his password and save his most important files to his local drive on his laptop... then promptly leave it at the airport, never to be seen again. At one point, I was testing users by just randomly calling them up and asking them for their SSN. The number of users that started to rattle theirs off without even asking what I needed it for was more than a bit disconcerting.

Neon Samurai

... from another of the blue collar regulars. Wouldn't it be nice if we could simply give someone a shirt that said "I'm with stupid" and an arrow pointing up? As for users willing to give out passwords; I'm just waiting for a meeting with IT where one of the managers gives me permission to "audit" our Info Sec. I'm sure my big mouth has already got me labeled as "one of *those* users" through past meetings.

Sonja Thompson

WatchGuard's Rapid Response team identified the five key threats afflicting the enterprise. What is the biggest threat that you face on a day-to-day basis in your organization?

musashi675

In my mind the biggest threat is still from the company insider. Why hack a system when you have the password? It is too bad that this threat didn't make the top five. I believe that the company insider is a valid and very real threat.

Neon Samurai

In some cases it's lack of understanding or desire to understand the provided computer systems. In other cases it's intentional damaging behavior from an internal cracker. I figured "end users" meant both accidental and intentional damages. (Cracker being specified since the hacker community actively denounces malicious acts, hence the very derogatory terms Cracker and Script Kiddie. Hackers are simply those who take the time to obsess over each technical detail of the system and have been recognized as such by the community peers. Hacking is to understand, Cracking is to damage.)

Neon Samurai

Intent is definitely important to consider. I wouldn't react to an accidental user error due to lack of knowledge the same way I'd react to intentional damages or theft of information. For the purposes of the few points given, I viewed the two as the same from a threat perspective but they are definitely different from a response perspective.

musashi675

Your points are well taken. However I draw the distinction of an insider threat being intentional damage by someone (i.e. IT staff or a power user) with intimate technical system knowledge. I would term the end users as someone with a lower technical knowledge of the system who is more likely to do accidental damage to the system. However intentional damage by end users should not be ruled out!

dryflies

The end users are our customers. Our jobs depend on them. I know they are going to make stupid moves and I have to balance the amount of protection against the risk to the enterprise. If we protect too thoroughly we slow down systems and productivity as much as the threat we are trying to avoid, or restrict people from performing tasks they may need to perform. So stop thinking about how much work it is for you and start thinking about your customers.

denwasson

We used to say 'operator error', or 'a loose nut at the keyboard'. On the other side of the coin, I inherited an application (Purchase Orders) that allowed for a PO# of zero to be entered. Everyone makes boo-boos.

pfreire

Putting end users on the list was mean. If there were no users there would be no systems and no business. That would leave IT people sort of out of a job. Users are the root cause of problems because they use the systems. But they're supposed to do so. Training users does help a lot, but better systems would also make it easier. And that's the bottom line: systems should make the user's life easier, more productive and less error-prone. Let's start pushing for better systems, instead of blaming God or the Universe for creating users, shall we...

paulmah

I agree that a company without users (to support) would be an oxymoron to say the least. And that IT does exist largely to serve the end-user. However, the spirit of the poll was more to identify the primary areas which TR professionals find most draining time-wise. I hope to add value (and perhaps some encouragement) to the reader by drawing their attention to the problems that their peers say they are facing. So if the poll results are to highlight the end-user, then the discerning reader would probably do well to direct more effort(s) towards user education and basic IT training. This is opposed to continuing to pour money exclusively on the latest encryption hardware and malware scanners etc.

The Admiral

Stupid uninformed or uncaring users. They go home, download crapware on their systems through AO-Hell or through their service provider then bring it into the enterprise and let it loose. It is a good thing that the network security console allows us to whack those who are violators. After I whack them from the network I send a deskside rep to fetch the machine to go into a clean room, where the drive is taken out and put into a clean machine and scrubbed of threats. Then returned to the user. They know that when someone shows up at their desk and takes their machine without saying anything that they did something BAD.
