Companies still get it wrong on security
Hardware and software vendors are guilty of hyping external IT security threats while failing to warn companies sufficiently about internal risks, according to a survey of senior executives by the Economist Intelligence Unit in association with AT&T.
The survey showed that while more than half the execs saw viruses and worms as the main threat, 80 percent also admitted to having opened an unrecognised email attachment in the last year. Some also confessed to using their name or birthday as a password, or to accessing the company network in a public place and failing to log out.
"The security industry has had an interest in talking up technical and electronic counter-measures, as opposed to good practice and setting security policies," says EIU senior editor Gareth Lofthouse. "But it's easier for companies to throw money at it - a cultural challenge is much harder."
[ Read more ]