Computer Security Awareness Issues for 2009
According to a prominent Microsoft manager, the Conficker Worm has probably infected at least 10 million PCs (Network World, 2009). This worm disables malware protection and blocks access to the various vendors of antivirus products that deal with worms, viruses, spyware, and general malware.
Yet, worms, viruses, spyware, and general malware are only part of the picture for the major security challenges facing individuals and businesses today. According to a security executive guide whitepaper survey of 1000 IT professionals, “Lack of user awareness” was listed as the second most important security challenge at 54% (Network World Security Technologies whitepaper, 2009). Thus, most users and organizations are sorely in need of awareness training on coping with computer and system security issues. And that constitutes a major security challenge for 2009.
The same survey also tells us that social engineering vulnerability (24%) is expected to become an added security threat for individuals and their organizations (Network World, 2009). This vulnerability relates to the MySpace®, FacebookTM and LinkedIn® online social communities as well as other blogging websites, where users who upload, download and share information become vulnerable to identity theft via collected information and insidiously placed botnet code. Botnets are little applet programs that can take over your computer and control what information it sends and receives without your knowledge. Even the normal information on millions of people on Facebook yields too much vulnerability for someone to steal personal information, which can be used for more extensive identity and data theft based upon the initial supplied information. So, here again we see a need for more careful user awareness training in computer and network security issues.
Related to the above, Kevin Prince tells us reduced budgets in a down economy are going to make matters worse because companies will have less to spend on training even though these security vulnerabilities will most likely increase (Top 9 Security Threats in 2009, 2008). This means more exposure to security breaches due to the lack of necessary employee security training and resultant lack of awareness.
So what can we do? We need to spread the word and make computer systems and security awareness a conscious priority for attention. We also must be mindful of what information we share in social networking websites, because providing too much personal information increases your exposure to identity theft and receiving other malware botnets.
CSI (2009, January). Computer Security Alert: Security Predictions and Priorities for 2009 . Report for members of the Computer Security Institute (CSI), some summary points, used by permission.
Network World (2009). Microsoft announces Conficker worm bounty, 2-16-09 issue,p.7
Network World Security Technologies whitepaper (2009). What are your key security challenges? Retrieved via subscribed email February 9, 2009
Prince, K. (2008). Social Engineering, On-Demand eSeminar presentation by Ziff Davis Enterprise. Presenter: Kevin Prince, Chief Security Architect, Perimeter eSecurity
Prince, K. (2008). Top 9 Security Threats in 2009. Undated but created report in November 2008 by Kevin Prince, Chief Security Architect, Perimeter eSecurity. Milford, CT.