Misconfigured networks main cause of breaches
Posted on 31 August 2010.
Responses to a survey from attendees of the DEFCON 18 conference revealed that 73% came across a misconfigured network more than three quarters of the time Ė which, according to 76% of the sample, was the easiest IT resource to exploit.


Results revealed that 18% of professionals believe misconfigured networks are the result of insufficient time or money for audits. 14% felt that compliance audits that donít always capture security best practices are a factor and 11% felt that threat vectors that change faster than they can be addressed play a key role.

Automating configuration and security management is the best way forward to solving this problem, says Harrison. With an increasing number of self-described black (11%) and grey (46%) hat hackers landing corporate security positions, the focus has overwhelmingly been on how easily we can break things - less than 30% of the sample is motivated by the desire to actually fix broken systems.

It's also worth noting that 43% of respondents view planting a rogue member of staff inside a company as one of the most successful hacking methodologies. When this issue is added to the sizeable majority of security professionals that come across misconfigured systems on a regular basis, you begin to realize the scale of the security problem that networking professionals face.

"This realization is made worse when you consider that 57% of the security professionals we surveyed classified themselves as a black or grey hat hacker, and 68% of respondents admitted hacking just for fun," said Reuven Harrison, CTO at Tufin. With networks so easily penetrated, itís no surprise that 88% believe the biggest threat to organizations lies inside the firewall.

It's not all doom and gloom emanating from the survey, as 58% of attendees said they did not believe outsourcing security to a third party increased the chances of getting hacked, and almost half the sample believe it would not increase the chances of any sort of security or compliance issue.

The "Hacking Habits" survey was conducted amongst 100 registered DEFCON 18 attendees. The 14-question survey was conducted by the registration desk and outside randomly selected talks over the course of the show. All responses were voluntary and completely anonymous.





Spotlight

People will do anything for free Wi-Fi

Posted on 30 September 2014.  |  A new Wi-Fi investigation conducted on the streets of London shows that consumers carelessly use public Wi-Fi without regard for their personal privacy.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Oct 1st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //