New Canadian Survey: Malware Attacks Up Because of Social Media; Organizations Lagging on Proper Protection
New Canadian Survey: Malware Attacks Up Because of Social Media; Organizations Lagging on Proper Protection
Social media helps business, but real-time content protection is needed
SAN DIEGO, Oct. 18, 2011 /CNW/ -- A new "Canadian Survey on Social Media Risks" released today reveals a dangerous gap in corporate social media security. 70 percent of more than 400 IT and IT security respondents in Canada said that social media in the workplace represents a serious security risk--yet only 31 percent report having the necessary security controls in place to mitigate it. More than 51 percent of Canadian respondents report an increase in malware due to social media use.
The research, conducted by the Ponemon Institute© and sponsored by content security provider Websense, Inc.® (NASDAQ: WBSN), was part of a global survey of more than 4,640 IT and IT security practitioners with an average of 10 years' experience in the field. These practitioners were located in Australia, Brazil, Canada, France, Germany, Hong Kong, India, Italy, Mexico, Singapore, United Kingdom, and the United States.
The dynamic social web is qualitatively different from the older, static web. It requires an IT security defense that goes beyond signature and fixed-policy web technologies (like antivirus and firewalls), because while they are necessary defenses, they are not sufficient. Technologies considered by respondents to be most important to reducing or mitigating social media threats are anti-virus/anti-malware (79 percent), endpoint security (79 percent), and identity and access management (76 percent). But only secure web gateways with real-time content analysis and data loss prevention can block advanced malware and data theft attacks, many of which seek entry through social media.
For example, imagine a new link is posted to a popular social network and it directs users to a site that downloads or leads to data-stealing code via obfuscated JavaScript. Organizations need security technology that can analyze these links as they appear, because the link path is new and doesn't have a recognizable signature or known payload. New technologies like social media, cloud services, and mobility require real-time content security, which analyzes information on the fly, as it's created and consumed.
Even with the risks, social media presents a large business opportunity for collaboration, reduced expenses, and more efficient processes. While organizations believe that bandwidth has been diminished due to social media, Canadian companies that block social media are in real danger of being left behind.
Key findings -- The rapid spread of social media may have caught many organizationsoff guard. 70 percent agree that employee use of social media puts their organizations' security at risk. In contrast, only 31 percent say that they have the necessary security controls--such as secure web gateways--in place to mitigate or reduce the risk posed by social media. -- Malware attacks have increased because of social media usage, and it's growing. 51 percent of organizations experienced an increase inmalware attacks as a direct result of employee use of social media. -- To mitigate the risks created by social media, certain technologies are preferred. Technologies considered by respondents to be most important to reducing or mitigating social media threats are anti-virus/anti-malware (79 percent), endpoint security (79 percent), and identity and access management (76 percent). But only secure web gateways with real-time content analysis and data loss prevention can block advanced malware and data theft attacks, many of which seek entry through social media. -- Even if they have a policy that addresses the acceptable use of social media in the workplace, 37 percent say that their organizations do not enforce it. Many organizations (36 percent) do not have a policy that informs employees about the acceptable use of social media in the workplace or are unsure if such a policy exists (25 percent). Ofthose, organizations that do have a policy, only 37 percent of the respondents say the policy is enforced. -- Organizations believe that IT bandwidth has been diminished as aresult of social media use. The top two negative consequences of an increase in social media use were diminished productivity (96 percent) and reduced IT bandwidth (68 percent), which increase costs. 53 percent worry about exposure to inappropriate content and 46 percent are concerned about an increase in virus or malware infections. -- Social media in the workplace is used primarily for non-business purposes. 64 percent of respondents say that employees spend more than 30 minutes each day on non-business social media activities. In contrast, 49 percent estimate that more than 30 minutes is spent on social media for business purposes each day. Quotes
"The use of social media in the Canadian workplace is growing. More and more businesses are using blogs, social networks, wikis and other social media outlets to collaborate, gather feedback, and quickly share information with key audiences," said Fiaaz Walji, Websense Canadian Country Manager. "However, the social web is dynamic and demands a new approach to security beyond just antivirus and firewalls to mitigate the increased risk this technology brings to the workplace. Real-time content analysis, data loss prevention, and advanced threat blocking are necessary."
He continued, "Businesses today need to combine employee education on proper social media practices with a content security solution that examines the content and context of social media sites in real time. Sites like Facebook, Twitter, YouTube, and LinkedIn change too rapidly to rely on traditional background analysis and security software update cycles. That's why Websense developed the TRITON(TM) real-time content security solution that can analyze individual pieces of content on these social media sites and protect your business from modern malware and data theft, plus policy controls to preserve bandwidth."
"We asked hundreds of Canadian IT security professionals and most respondents agree that the use of social media in the workplace is important to achieving business objectives," said Dr. Larry Ponemon, chairman and founder of the Ponemon Institute. "However, they believe social media puts their organizations at risk and they do not have the necessary security controls and enforceable policies to address the risk. It's also clear that malware attacks are increasing as a result of social media use."
Multimedia Elements:
A full copy of the Websense "Canadian Survey on Social Media Risks" can be downloaded at http://www.websense.com/content/ponemon-institute-research-report-canada-2011.as px
Click to share on Twitter:
New survey finds Canadian malware attacks up because of social media http://ow.ly/6XTs5 @Websense
Websense Links: Facebook: "Like" Websense. Twitter: Follow @Websense. About Websense, Inc.
Websense, Inc. (NASDAQ: WBSN), a global leader in unified web security, email security, and data loss prevention (DLP) solutions, delivers the best content security for modern threats at the lowest total cost of ownership to tens of thousands of enterprise, mid-market and small organizations around the world. Distributed through a global network of channel partners and delivered as appliance-based software or Security-as-a-Service (SaaS), Websense content security solutions help organizations leverage web 2.0 and cloud-based communication, collaboration, and social media, while protecting from advanced persistent threats and modern malware, preventing the loss of confidential information, and enforcing internet use and security policies. Websense is headquartered in San Diego, California with offices around the world. For more information, visit www.websense.com.
Follow Websense on Twitter: www.twitter.com/websense Join the discussion on Facebook: www.facebook.com/websense Websense Media Contact: Hally WaxWebsense, Inc. hwax@websense.com