9 March 2011 | Published by Ovum

Press release

Enterprises are not taking threat of cyber espionage seriously enough, Ovum finds

Enterprises are not taking the threat of cyber espionage seriously enough, and many have not taken adequate steps to prevent an attack, according to Ovum.

In a new study*, the independent technology analyst claims that cyber espionage is a major threat to enterprises. But despite this, it has been overlooked, leaving many vulnerable.

Graham Titterington, author of the report and Ovum principal analyst, said: “The threat of cyber espionage must be addressed by enterprises as it is as relevant to them as it is to national security organisations.

“Cyber criminals are graduating from stealing credit cards and banking credentials to targeting corporate plans and proprietary information. They want valuable information such as product and technology blueprints, customer lists, or information that can be used to embarrass or disadvantage a victim.

“Almost every organisation has sensitive information that would damage it if it were to be leaked out; however, many have overlooked cyber espionage in their preoccupation with preventing the theft of financial data. This needs to change, and enterprises need to wake up to the danger posed or risk losing valuable information and having to deal with the consequences.”

Cyber espionage is usually aimed at key individuals within an organisation, who are sent ‘spear phishing’ emails containing malicious links or attachments that infect their machines. The criminals then use malware to identify assets, decrypt login details and steal the target information.

Titterington commented: “The home computer networks and personal lives of key individuals may be the weakest part in the corporate security defenses. Personal information may reveal passwords and other credentials, and individuals may be susceptible to blackmail.”

The report advises enterprises to increase their awareness of cyber espionage, restrict the distribution of sensitive information, vet users who have access to high-value information, protect data held on third third-party sites and conduct a risk analysis, including mobile devices and removable media.

The report also warns enterprises that holding large amounts of data can increase the risk of falling victim to cyber espionage, and they should look to minimise volumes. Titterington added: “Every piece of stored data and every copy of this data is a potential leakage incident as it gives spies more potential targets to attack. The increasing volume of data makes it harder to manage the entire data estate.

“The growth in data volumes should be examined critically. At minimum, organisations should make more use of shared data infrastructure and services so individual users can be discouraged from creating their own copies.”

-ENDS—

NOTES TO EDITORS

*Protecting Against Cyber Espionage

To arrange an interview or for further details regarding this release please contactKelly Liveseyin the Ovum press office on +44 0161 238 4081, or emailklivesey@datamonitor.com

ABOUT OVUM

Ovum provides clients with independent and objective analysis that enables them to make better business and technology decisions. Our research draws upon over 400,000 interviews a year with business and technology, telecoms and sourcing decision-makers, giving Ovum and our clients unparalleled insight not only into business requirements but also the technology that organisations must support. Ovum is part of the Datamonitor group.

- Ends -