Users smallest source of concern despite causing most security breaches: CompTIA

Persistent shortcomings in corporate information-security policy continue to compromise security efforts by exposing organisations to human error and the ever more clever depredations of ransomware and other malware authors, peak security group CompTIA Information Technology has warned on the back of new research showing that just 54 percent of surveyed companies offer their employees any form of cybersecurity training.

Respondents to the organisation's latest Trends In Information Security report were almost equally concerned about the growing organisation of hackers (54 percent), the sophistication of the threats they produce (52 percent), and the greater availability of hacking tools (48 percent) that allow attacks to be created, changed and discontinued with increasing frequency.

Security tools such as data loss prevention (used by 58 percent), identity and access management (57 percent) and security information and event management (49 percent) were helping many organisations mount a response, yet the overall results indicated that fewer firms believe they've found the right balance between risk and security.

“It's not that businesses need to be convinced that security is important,” CompTIA senior director for technology analysis Seth Robinson said in a statement. “Instead, they need to be convinced of the ways that their current security approach is putting them at risk.”

Interestingly, when asked about their biggest source of concern about security, only a small number of respondents named the human element, even though they reiterated the commonly expressed frustration that human error is the largest factor behind security breaches.

New attacks continue to test humans' ability to recognise and block malicious emails and other attacks. The latest ransomware reported by security consulting firm KnowBe4, for example, uses the Dropbox file-sharing application as an attack vector.

KnowBe4 warned of new 'Pacman' ransomware that uses a specially crafted .EXE file attachment shared with victims via Dropbox. If clicked upon, the attachment, which a message in Danish purports to be a 'possible new patient', encrypts the system's data files and demands that a ransom be paid in Bitcoin within 24 hours.

The ongoing scourge of ransomware presents particular difficulties for organisations, whose exposure to human error is magnified when malicious code intrudes and threatens to make large swathes of corporate data inaccessible.

It's a problem that is proving to be particularly pointed in Australia, with the new CryptoWall 3.0 ransomware more successful in this region than elsewhere.

Security firm Websense recently highlighted the ongoing use of lures such as Australia Post and NSW government traffic speed camera infringements.

A “legitimate-looking logo” and a CAPTCHA validation form are added to provide “a degree of legitimacy”, the Websense analysts note, while adding that the links for those clicks go to pages with hxxp: protocols instead of http:.

“Ransomware will continue to evolve as we progress through to 2015,” the Websense authors wrote. “Once a machine has become infected and files encrypted there is a little that an end user can do to counter it.”

“To strengthen your overall security posture we recommend that you raise awareness within your employee base of the dangers and signs of ransomware, and adopt suitable technologies to identify and protect from the threat in the early stages of the threat lifecycle.”


This article is brought to you by Enex TestLab, content directors for CSO Australia.

Stories by David Braue