Return-Path: <sentto-279987-4649-1021001032-fc=all.net@returns.groups.yahoo.com> Delivered-To: fc@all.net Received: from 204.181.12.215 [204.181.12.215] by localhost with POP3 (fetchmail-5.7.4) for fc@localhost (single-drop); Thu, 09 May 2002 20:26:07 -0700 (PDT) Received: (qmail 28705 invoked by uid 510); 10 May 2002 03:24:05 -0000 Received: from n22.grp.scd.yahoo.com (66.218.66.78) by all.net with SMTP; 10 May 2002 03:24:05 -0000 X-eGroups-Return: sentto-279987-4649-1021001032-fc=all.net@returns.groups.yahoo.com Received: from [66.218.67.201] by n22.grp.scd.yahoo.com with NNFMP; 10 May 2002 03:23:53 -0000 X-Sender: fc@red.all.net X-Apparently-To: iwar@onelist.com Received: (EGP: mail-8_0_3_2); 10 May 2002 03:23:52 -0000 Received: (qmail 84517 invoked from network); 10 May 2002 03:23:52 -0000 Received: from unknown (66.218.66.217) by m9.grp.scd.yahoo.com with QMQP; 10 May 2002 03:23:52 -0000 Received: from unknown (HELO red.all.net) (12.232.72.152) by mta2.grp.scd.yahoo.com with SMTP; 10 May 2002 03:23:52 -0000 Received: (from fc@localhost) by red.all.net (8.11.2/8.11.2) id g4A3Ogm13144 for iwar@onelist.com; Thu, 9 May 2002 20:24:42 -0700 Message-Id: <200205100324.g4A3Ogm13144@red.all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL3] From: Fred Cohen <fc@all.net> X-Yahoo-Profile: fcallnet Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Thu, 9 May 2002 20:24:42 -0700 (PDT) Subject: [iwar] [fc:Companies.unprepared.for.cyberattacks] Reply-To: iwar@yahoogroups.com Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Companies unprepared for cyberattacks SecuritySearch.net, 5/8/02 <a href="http://www.securitysearch.net/display_industry_news_article.cfm?id=485">http://www.securitysearch.net/display_industry_news_article.cfm?id=485> Through 2005, 90 percent of cyberattacks will exploit known security flaws for which a patch is available or a solution known, according to GartnerG2, a research unit of Gartner, Inc. (NYSE: IT and ITB). Presenting their outlook for cyperattack prevention at last weeks Gartner Symposium/ITxpo in San Diego, California, Gartner presented a dim outlook for cyperattack prevention. GartnerG2 said that not only are patches available before the cyberattacks, but 90 percent of the attacks are imitation ones. Moreover, recent cyberattacks could have been avoided if enterprises were more focused on their security efforts. "Nearly every major attack to hit the headlines involved the exploitation of known security flaws for which a patch or defense was widely known," said Richard Mogull, research director for GartnerG2. "Estimated losses from Code Red and Nimda were in the billions of dollars, yet Code Red exploited a flaw for which a patch was available, proving that we never learn from our mistakes. Nimda exploited the same flaw just a few months later. Both continue to survive on the Internet today." GartnerG2 predicts that through 2005, 20 percent of enterprises will experience a serious (beyond a virus) Internet security incident. Such victims can expect the cleanup costs of the incident to exceed the prevention costs by 50 percent. According to GartnerG2 the top five overall IT vulnerabilities to cyberattacks are: -- Security of suppliers and partners; -- No benchmarking (spending and value); -- Security not integrated into projects; -- Poor governance and culture; and -- Lack of risk management integration To adequately protect against security incidients, GartnerG2 says organisations must be more proactive - developing incident response procedures and monitoring the right sources to detect an attack. "A proactive security posture... means you have a well-developed response plan and keep looking for the early indications of an attack," explained Mogull. For more information on Gartner's business symposiums visit www.gartner.com/symposium. ------------------------ Yahoo! Groups Sponsor ---------------------~--> Tied to your PC? Cut Loose and Stay connected with Yahoo! Mobile http://us.click.yahoo.com/QBCcSD/o1CEAA/sXBHAA/kgFolB/TM ---------------------------------------------------------------------~-> ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2003-08-24 02:46:32 PDT