[iwar] [fc:Companies.unprepared.for.cyberattacks]

From: Fred Cohen (fc@all.net)
Date: 2002-05-09 20:24:42


Return-Path: <sentto-279987-4649-1021001032-fc=all.net@returns.groups.yahoo.com>
Delivered-To: fc@all.net
Received: from 204.181.12.215 [204.181.12.215] by localhost with POP3 (fetchmail-5.7.4) for fc@localhost (single-drop); Thu, 09 May 2002 20:26:07 -0700 (PDT)
Received: (qmail 28705 invoked by uid 510); 10 May 2002 03:24:05 -0000
Received: from n22.grp.scd.yahoo.com (66.218.66.78) by all.net with SMTP; 10 May 2002 03:24:05 -0000
X-eGroups-Return: sentto-279987-4649-1021001032-fc=all.net@returns.groups.yahoo.com
Received: from [66.218.67.201] by n22.grp.scd.yahoo.com with NNFMP; 10 May 2002 03:23:53 -0000
X-Sender: fc@red.all.net
X-Apparently-To: iwar@onelist.com
Received: (EGP: mail-8_0_3_2); 10 May 2002 03:23:52 -0000
Received: (qmail 84517 invoked from network); 10 May 2002 03:23:52 -0000
Received: from unknown (66.218.66.217) by m9.grp.scd.yahoo.com with QMQP; 10 May 2002 03:23:52 -0000
Received: from unknown (HELO red.all.net) (12.232.72.152) by mta2.grp.scd.yahoo.com with SMTP; 10 May 2002 03:23:52 -0000
Received: (from fc@localhost) by red.all.net (8.11.2/8.11.2) id g4A3Ogm13144 for iwar@onelist.com; Thu, 9 May 2002 20:24:42 -0700
Message-Id: <200205100324.g4A3Ogm13144@red.all.net>
To: iwar@onelist.com (Information Warfare Mailing List)
Organization: I'm not allowed to say
X-Mailer: don't even ask
X-Mailer: ELM [version 2.5 PL3]
From: Fred Cohen <fc@all.net>
X-Yahoo-Profile: fcallnet
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Delivered-To: mailing list iwar@yahoogroups.com
Precedence: bulk
List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com>
Date: Thu, 9 May 2002 20:24:42 -0700 (PDT)
Subject: [iwar] [fc:Companies.unprepared.for.cyberattacks]
Reply-To: iwar@yahoogroups.com
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

Companies unprepared for cyberattacks 
SecuritySearch.net, 5/8/02
<a href="http://www.securitysearch.net/display_industry_news_article.cfm?id=485">http://www.securitysearch.net/display_industry_news_article.cfm?id=485>

Through 2005, 90 percent of cyberattacks will exploit known security
flaws for which a patch is available or a solution known, according to
GartnerG2, a research unit of Gartner, Inc. (NYSE: IT and ITB). 
Presenting their outlook for cyperattack prevention at last weeks
Gartner Symposium/ITxpo in San Diego, California, Gartner presented a
dim outlook for cyperattack prevention. 
GartnerG2 said that not only are patches available before the
cyberattacks, but 90 percent of the attacks are imitation ones.
Moreover, recent cyberattacks could have been avoided if enterprises
were more focused on their security efforts. 
"Nearly every major attack to hit the headlines involved the
exploitation of known security flaws for which a patch or defense was
widely known," said Richard Mogull, research director for GartnerG2.
"Estimated losses from Code Red and Nimda were in the billions of
dollars, yet Code Red exploited a flaw for which a patch was available,
proving that we never learn from our mistakes. Nimda exploited the same
flaw just a few months later. Both continue to survive on the Internet
today." 
GartnerG2 predicts that through 2005, 20 percent of enterprises will
experience a serious (beyond a virus) Internet security incident. Such
victims can expect the cleanup costs of the incident to exceed the
prevention costs by 50 percent. 
According to GartnerG2 the top five overall IT vulnerabilities to
cyberattacks are: 
-- Security of suppliers and partners; 
-- No benchmarking (spending and value); 
-- Security not integrated into projects; 
-- Poor governance and culture; and 
-- Lack of risk management integration 
To adequately protect against security incidients, GartnerG2 says
organisations must be more proactive - developing incident response
procedures and monitoring the right sources to detect an attack. 
"A proactive security posture... means you have a well-developed
response plan and keep looking for the early indications of an attack,"
explained Mogull. 
For more information on Gartner's business symposiums visit
www.gartner.com/symposium.

------------------------ Yahoo! Groups Sponsor ---------------------~-->
Tied to your PC? Cut Loose and
Stay connected with Yahoo! Mobile
http://us.click.yahoo.com/QBCcSD/o1CEAA/sXBHAA/kgFolB/TM
---------------------------------------------------------------------~->

------------------
http://all.net/ 

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 



This archive was generated by hypermail 2.1.2 : 2003-08-24 02:46:32 PDT