Growing Risks: Mobiles, Clouds, and Social Media
By Martin Abrahams on Jun 02, 2011
The International Information Systems Security Certification Consortium, Inc., (ISC)²®, has just published a report conducted on its behalf by Frost & Sullivan.
The report highlights three growing trends that security professionals are, or should be, worried about - mobile device proliferation, cloud computing, and social media.
Mobile devices are highlighted because survey respondents ranked them second in terms of threat (behind application vulnerabilities). Frost & Sullivan comment that "With so many mobile devices in the enterprise, defending corporate data from leaks either intentionally or via loss or theft of a device is challenging.". Most respondents reported that they have policies and technologies in place, with rights management being reported as part of the technology mix.
Cloud computing was ranked considerably lower by respondents, but Frost & Sullivan highlighted it as a growing concern for which the security professionals consistently cited the need for more training and awareness.
The security professionals also reported that their two most feared cloud-related threats are:
- "Exposure of confidential or sensitive information to unauthorised systems or personnel"
- "Confidential or sensitive data loss or leakage"
These two concerns were ranked head and shoulders above access controls, cyber attacks, and disruptions to operation, and concerns about compliance audits and forensic reporting.
Rather contrarily, the third trend is highlighted because respondents reported that it is not a major concern. Frost & Sullivan observe that many security professionals appear to be under-estimating the risks of social computing, with 28% of respondents saying that they impose no restrictions at all on the use of social media, and most imposing few restrictions.
So, interesting reading although no great surprises - and reason enough for me to write three pieces on what Oracle IRM brings to the party for each of these three challenging trends.
A comment on mobile device proliferation is already available here.
A comment on cloud adoption is available here