Web 2.0 proving sticky for corporate security

With the Web becoming central to the way companies do business, cybercriminals are taking increasing advantage of Web 2.0 and social networking sites to launch attacks, according to Christian Christiansen, vice president for security products and services for IDC.

The Web isn’t the benign resource for information that people once saw it as, said Christiansen, who spoke recently at Kaspersky Lab’s Surviving CyberCrime Event in Waltham, Mass. “One of the things that’s happened that’s disconcerting, and it’s been growing over the last 10 years, is the blending of people’s private lives with their corporate lives,” he said.

Employees’ personal lives – their online shopping habits and interactions with friends and families – get intermingled with the interactions they have at work with customers, fellow employees, partners and suppliers, he said. “So that creates a perforated perimeter where there isn’t a hard, fast separation between the corporate world and the personal world,” he said.

The latest threats to network security now are coming from collaboration and Web 2.0 environments – where employees casually click on links that could lead them to malware – and they come from the wide variety of devices that may be accessing private as well as corporate networks, he said.

“We’re seeing a change in the threat environment. Instead of the threats, the malicious code, being distributed as e-mail attachments, we’re seeing more and more that they’re being embedded in Web 2.0 links,” he noted. “In the past, what you saw was an immediate effect. Now we’re seeing much greater levels of subterfuge and much more sophisticated attacks.”

To better avoid potential problems, IT departments need to control user behavior, the types of devices being used to access information, the applications being used and content contributions.

“Risk reduction requires policy managements and layered protection at the gateway to the Internet as well as at the endpoint [desktops, laptops and servers],” he said. “You need a whole series of checks and balances.”

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now