HP conducted a survey at Infosec this week, to judge how those present felt about IT security in general – and the message is that the majority are seeing an increase in malicious activity targeting their servers.
Across 150 attendees which HP talked to, 60 per cent said that they thought the frequency of attacks on their IT infrastructure had increased in the past year.
And when questioned about what they felt were the biggest security threats to their organisation, social engineering and phishing came out on top, unsurprisingly – with 18.1 per cent citing this. Attacks for financial gain came a very close second on 17.1 per cent, with staff accidentally causing security foul-ups in third place on 16.3 per cent, edging out malware on 16 per cent.
Mobile devices and BYOD security was the fifth concern on 13.1 per cent, with infrastructure vulnerabilities and politically motivated cyber-attacks (Anonymous, SEA and so forth) bringing up the rear on 9.9 and 9.6 per cent respectively.
In a way, of course, staff are simply the biggest danger in terms of the fact that it's employees who fall for phishing and social engineering attacks, as well as causing breaches through bad practice or mistakes.
As to what respondents felt had most improved their security levels, the clear leader here was policy implementation on 48 per cent, followed by hardware purchases on 25 per cent. Service purchases came in third on 14 per cent.
Tony Caine, VP and General Manager, APJ & EMEA, HP Enterprise Security Products, commented: "Once again we see that many organisations are feeling increasingly threatened by attacks on their infrastructure and that awareness of the adversary and what we face is growing. The data shows that experts feel implementing new security policies along with new security kit helps to tackle these. Compliance is just the bare minimum."