Intel Security: Cybercriminals have major advantages compared to information Security firms to protect
The confidence of executives excessive pose additional advantages for cybercriminals
Google + Linked Facebook Twitter
A study conducted by the “company Intel Security “, a specialist in information security arm of the giant US electronic chip industry that cybercriminals have greater features compared to those owned by information protection companies.
Revealed “Intel , plus”, in collaboration with the Center for Strategic and International CSIS Studies, recently for its new Report entitled Tilting the Playing Field: How Misaligned Incentives Work Against Cybersecurity, a global report and survey comprehensively reveals three basic forms of incentives for non – compliant and the differences between the information security companies and between cyber – crime organizations.
The report highlights the difference between the structure of the work of information security companies in exchange for the flexibility and freedom of action enjoyed by companies cyber crimes, in addition to the report ‘s focus on the issue of just put the security strategies of their implementation, and the difference between the vision of senior executives of the security situation in their companies in exchange deems the executive staff. The report also highlights the variety of ways in which companies can information security from which to benefit and learn from cyber – criminals in order to correct such disparities and imbalances.
Based on the interviews that took place during the global survey of more than 800 specialist in information security from five sectors of the variety, the study concluded that cyber – criminals have features larger than those owned by the protection of information companies, and credit for this is due to the incentives received by cyber criminals and that helps promote their business within a dynamic labor market. On the other hand, often security companies operating within the hierarchy and functional bureaucratic them suffer from the pressures and challenges that prevent them from catching up with the developments in the sector of electronic crime.
The study pointed out the existence of other imbalances can occur within the specialist firms in the monitoring of electronic attacks. As 90% of companies indicated that private ownership information security strategy , but less than half of those companies are implementing these strategies to the full. He said 83% of those surveyed also said that their companies had suffered from a variety of security breaches , which refers to the lack of connection between the development of strategies and implementation phases stage.
The report pointed to enjoy cybercriminals direct incentive to make them more determined to achieve the goals, at a time when there is little incentive that can be obtained by workers in the field of information security, the problem lies as well, according to the report, in the presence of greater confidence by executives incentives officials list compared to the size of confidence shown by the executive officers the direction of the effectiveness of those incentives. 42% of the perpetrators of information security strategies have pointed to the lack of any incentives Introduction to them, compared with 18% of decision – makers , and 8% of the operational commanders only.
Said Candace Worley, vice president of enterprise solutions at the “Intel Skjorta”: “cyber crime in the process of achieving broad success through structural work enjoyed by which always focused on stimulating and rewarding innovation and encourage the sharing of best tools and the most recent. If desired working in information security in the public sector and the business sector cope with cyber criminals, they enjoy the same qualities of flexibility enjoyed by these criminals in addition to the need to provide more incentives and benefits to enhance the work of information security specialists. ”
For his part , Dennis Cheng, director and fellow technology policy program at the Center for Strategic and International Studies , CSIS said: “It is easy to develop strategies, but difficult to implement. Method to be adopted by governments and companies to meet the challenges of non – compliant incentives will determine the size of the efficiencies that will have its own information security programs. It is not about the “why” must do, but Mayhem is the “why” has not been the implementation process and “how” we can do better. ”
The report also found several other findings, including the non – executive directors can discover and display a lack of funding and staffing, as reasons behind the decline in the ability to implement protection strategies, at a rate three times higher compared Managers executives.
In spite of a lack of incentives for those working in the field of security and protection of information, but 65% of them have personal motives to promote their company ‘s information security strategy.
The report also found exposure to 95% of the companies many security breaches have affected them in several ways , such as disruption of the operations and the loss of property rights and damage to the reputation of these companies and brands and many other effects. But 32% of these companies only referred to the loss of profits or revenues, which were to lead to more false sense of security.
Government sector has achieved the lowest rates in the implementation of security strategies (38%). This sector also saw the largest share of the bodies that suffer from a lack of funding for protection tools (58 percent) and lack of security personnel (63%) compared to the private sector (33% and 43%).
The report also identified a set of effective methods enjoyed by cyber – crime organizations, which can be defenders against the utilization of the attacks, including the benefit from the protection model as a service security-as-a-service in order to cope with cyber – crime model as a service cybercrime-as-a-service which achieved widespread within the cybercrime market.
Effective ways also public disclosure of cases of security breaches for more caution, enhance transparency, and reduce the entry requirements for those who have the talents of information security, and aligning performance incentives from July until the senior leadership and operating staff.
The good news, according to the report ‘s authors, is that most companies are aware of the seriousness of the issues and problems of information security and is in the process of doing something to address the security challenges of all kinds. But institutions need to be a wide range of tools to counter cyber – criminals, and longer tests are very essential to identify the right mix of measures and incentives needed by every organization to reach a strategic framework that guarantees full its protection, and not just a framework focuses on the costs and even business model provides further innovation when performing operations.Viewing:-26
This post first appeared on Need Help Ask Us Now Most Important Technology New, please read the originial post: here