New Gartner Hype Cycle Highlights Five High Impact IT Security Risks

** Gartner IT Security Summit, 18-19 September, in London **

London, UK, September 18, 2006 — Gartner, Inc. today advised businesses to plan for five increasingly prevalent cyberthreats that have the potential to inflict significant damage on organisations during the next two years. They are: targeted threats, identity theft, spyware, social engineering and viruses.

Gartner previewed its 2006 Cyberthreats Hype Cycle (see figure 1) at the company’s Information Security Summit in London today. The hype cycle assesses the initial awareness, maturity, impact and market penetration of 35 IT security threats during the next ten years.

According to Amrit Williams, research director at Gartner, “We are seeing an increasingly hostile environment fuelled by financially motivated and targeted cyber attacks. By 2008 we expect that 40 percent of organisations will be targeted by financially motivated cybercrime.” 

Mr Williams added, “Cyber attacks are not new, but what is changing is the motivation behind them. They are no longer just executed by hackers for hobby or cybervandalism, but by professionals with a targeted aim at one person, one company or one industry. For example, we have recently seen several companies hiring private investigators to spy on their competitors. Private investigators used Trojans to install targeted spyware on competitors’ computers to gather confidential information about such things as upcoming bids and customers.”

Gartner said that social engineering and viruses will remain an everyday nuisance for chief information security officers through 2009. It warned that in the next two years, at least 50 percent of organisations will experience a social engineering or a virus attack.

Figure 1: Hype Cycle for Cyberthreats, 2006

Source: Gartner, September 2006

  • Targeted threats are cyber attacks with a financial motivation that are aimed at one company or one industry. They lead to the exposure of sensitive customer data, damage to corporate reputations and potential lawsuits. Gartner urged organisations to incorporate penetration testing into vulnerability management processes and to investigate more aggressive intrusion detection and prevention approaches that move beyond threat-signature matching. It also advised companies to evaluate managed security services when internal capabilities are not available or sufficient for advanced security activities.

  • Identity theft refers to the theft of an individual's personal or financial information for the purpose of stealing money or committing other types of crimes. A Gartner survey conducted in North America last year found that organisations considered identity theft to be the third most critical security threat to their organisation. Although the number of victims has stayed relatively stable, defences are poor and regulators around the world, especially in the banking segment, are driving more protective measures. Gartner advised organisations to combine fraud detection with user authentication and transaction verification so that the strength of the authentication method is matched to the risk of the transaction. Data must also be protected using a variety of complementary measures, including strong access controls, encryption or masking where feasible, and database activity monitoring.

  • Spyware is malicious software that can probe systems and report user behaviour to an advertiser or other party without the user’s knowledge. It remains a disruption because it can send confidential information to unauthorised parties without the user's knowledge or consent. Gartner predicts that by 2008, 20 to 50 percent of organisations will experience a spyware attack. Gartner advised organisations to ask their existing desktop security vendor to provide an integrated anti-spyware solution. They should also use their gateway and network security devices to provide anti-spyware capabilities in the network, a strategy that has proved effective in the fight against viruses and spam.

  • Social engineering is the practice of obtaining confidential information by manipulating legitimate users. The simplest, but still effective, attack is to trick users into believing they are dealing with an administrator who needs their password, or to make them reveal other sensitive information. While this threat is well understood, it continues to be problematic because it requires human countermeasures. Defence against social engineering relies on deploying consistent security policies and practices that include educational and clear reporting programmes as well as appropriate technology management. For example, to minimise the risk of sending confidential corporate documents or trade secrets to inappropriate recipients, organisations should use content monitoring and filtering tools. To limit what a successful attacker can access, they should enforce the principle of least privilege when assigning access rights.

  • Viruses are malicious programmes that use a propagation method to enable widespread distribution. Viruses are becoming more malicious and their effects could ultimately impact data or network integrity and security, e-mail privacy, and a corporation's reputation. Viruses can ultimately cause direct loss of money. Gartner said that organisations should continue to deploy signature-based antivirus software, but they should also improve patching, configuration and vulnerability detection techniques to harden PCs against popular viruses. In addition, users should pressure their incumbent antivirus vendors to provide non-signature protection, or they should switch to vendors that offer this capability.
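The identity theft item above recommends matching the authentication method to the risk of the transaction rather than applying one check to every payment. The following is an added illustration of that idea, not Gartner's code or any bank's product: it scores a transaction against a few behavioural signals (new device, new payee, foreign country, unusual amount) and picks a verification step from a step-up ladder. The signal weights, thresholds, customer profile and transactions are all constructed for the example.

```python
"""Risk-matched transaction verification (added example, not Gartner's code).

A transaction is scored against the customer's observed behaviour, and the
score selects an authentication step proportional to the risk. Weights,
thresholds and sample data are hypothetical and constructed for illustration.
"""
from dataclasses import dataclass, field
from typing import List, Set, Tuple


@dataclass
class Transaction:
    user: str
    amount: float
    payee: str
    device_id: str
    country: str


@dataclass
class UserProfile:
    known_devices: Set[str]
    known_payees: Set[str]
    home_country: str
    recent_amounts: List[float] = field(default_factory=list)


# Hypothetical weights; a real deployment tunes these against fraud data.
SIGNAL_WEIGHTS = {
    "new_device": 30,
    "new_payee": 20,
    "foreign_country": 25,
    "amount_outlier": 35,
}


def risk_signals(tx: Transaction, profile: UserProfile) -> List[str]:
    """Return the fraud-detection signals that fire for this transaction."""
    signals = []
    if tx.device_id not in profile.known_devices:
        signals.append("new_device")
    if tx.payee not in profile.known_payees:
        signals.append("new_payee")
    if tx.country != profile.home_country:
        signals.append("foreign_country")
    # Amount well above anything seen recently: threshold is 3x the recent max.
    if profile.recent_amounts and tx.amount > 3 * max(profile.recent_amounts):
        signals.append("amount_outlier")
    return signals


def risk_score(tx: Transaction, profile: UserProfile) -> int:
    return sum(SIGNAL_WEIGHTS[s] for s in risk_signals(tx, profile))


def required_verification(score: int) -> str:
    """Step-up ladder: cheap checks for routine activity, out-of-band
    confirmation as risk rises, and a hard block at the top."""
    if score < 20:
        return "password"
    if score < 50:
        return "password+otp"
    if score < 90:
        return "out_of_band_confirmation"
    return "block_and_review"


def decide(tx: Transaction, profile: UserProfile) -> Tuple[int, List[str], str]:
    score = risk_score(tx, profile)
    return score, risk_signals(tx, profile), required_verification(score)


# Constructed sample profile and transactions (not real customer data).
ALICE = UserProfile(
    known_devices={"laptop-1"},
    known_payees={"utility-co"},
    home_country="GB",
    recent_amounts=[40.0, 55.0, 120.0],
)
ROUTINE = Transaction("alice", 50.0, "utility-co", "laptop-1", "GB")
NEW_PAYEE_LARGE = Transaction("alice", 500.0, "new-shop", "laptop-1", "GB")
SUSPICIOUS = Transaction("alice", 2500.0, "unknown-ltd", "phone-9", "RO")

if __name__ == "__main__":
    for tx in (ROUTINE, NEW_PAYEE_LARGE, SUSPICIOUS):
        print(tx.amount, tx.payee, decide(tx, ALICE))
```

The point of the ladder is that the routine utility payment from a known laptop costs the customer nothing extra, while a large payment to an unknown payee from a new device in another country never reaches the password prompt at all. Whatever scoring is used, the signals should come from data the attacker cannot trivially set (device binding, server-side history), not from fields in the request.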

Mr Williams said that organisations must not underestimate the lasting damage caused by traditional threats such as denial of service or spam, or cyber attacks that have become an everyday nuisance such as phishing. “Phishers are now going after lesser-known brands and are starting to combine phishing and spyware attacks,” said Mr Williams.

“Although the volume of spam has begun to level off, spam is a continuous highly visible and annoying problem for organisations. 40 to 70 percent of global organisations’ incoming e-mail is spam, and this figure could reach 80 percent if organisations do not block spam at the gateway.”

Looking ahead to the next five to ten years, Gartner highlighted the ‘rootkit’ as one of the threats with potentially the most damaging impact. A rootkit is a modified system file, such as a Windows dynamic link library (DLL), or a collection of such files, which attackers use to replace desktop or server system files and gain undetected administrative access to the system. This enables the attacker to perform any function that a local administrator could.

“Rootkits represent an increasing threat to companies worldwide, and they are becoming more difficult to detect and prevent. Organisations need to be able to prevent, detect and remove infections. However, once a host has been compromised, it can be difficult to detect a rootkit as it conceals itself as a normal system file, which differentiates it from other threats,” concluded Mr Williams.
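Because a rootkit of the kind described above replaces a legitimate system file with a look-alike, one standard way to detect it is to record content hashes of system files while the host is known-good and compare against them later. The following is an added example of that file-integrity check, not Gartner's code or any product's implementation: it builds a SHA-256 baseline over a directory tree and reports files whose contents changed, files that appeared, and files that vanished. The directory layout, file names and contents are constructed in a temporary directory to stand in for real system files.

```python
"""File-integrity baseline for detecting replaced system files
(added example, not Gartner's code).

build_baseline() hashes every file under a root; verify() re-hashes and
reports modified, added and missing files. The demo constructs a fake
'system32' tree, takes a baseline, then swaps one file for a same-size
look-alike and drops in an extra file, as a rootkit install might.
"""
import hashlib
import tempfile
from pathlib import Path
from typing import Dict, List


def file_sha256(path: Path) -> str:
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_baseline(root) -> Dict[str, str]:
    """Map relative file path -> SHA-256 of contents for every file under root."""
    root = Path(root)
    return {
        p.relative_to(root).as_posix(): file_sha256(p)
        for p in sorted(root.rglob("*"))
        if p.is_file()
    }


def verify(root, baseline: Dict[str, str]) -> Dict[str, List[str]]:
    """Compare the tree under root against a stored baseline."""
    current = build_baseline(root)
    return {
        "modified": sorted(k for k in baseline if k in current and current[k] != baseline[k]),
        "missing": sorted(k for k in baseline if k not in current),
        "added": sorted(k for k in current if k not in baseline),
    }


def simulate_rootkit_demo() -> Dict[str, List[str]]:
    """Constructed scenario: baseline a fake system tree, then tamper with it."""
    with tempfile.TemporaryDirectory() as tmp:
        sys32 = Path(tmp, "system32")
        sys32.mkdir()
        # Hypothetical stand-ins for system DLLs (contents are made up).
        (sys32 / "kernel32.dll").write_bytes(b"ORIGINAL KERNEL32 v1")
        (sys32 / "ntdll.dll").write_bytes(b"ORIGINAL NTDLL v1")
        baseline = build_baseline(tmp)

        # Rootkit-style swap: same name and same byte length, different
        # contents, so size alone would not reveal it. Plus a new driver file.
        (sys32 / "kernel32.dll").write_bytes(b"HOOKED!! KERNEL32 v1")
        (sys32 / "drv_hidden.sys").write_bytes(b"rootkit driver")
        return verify(tmp, baseline)


if __name__ == "__main__":
    print(simulate_rootkit_demo())
```

Two caveats a practitioner would want. First, compare content hashes, not sizes or timestamps; attackers routinely preserve both, as the demo's same-length swap shows. Second, this check is only as trustworthy as the kernel it runs on: a rootkit that hooks file reads can hand the original bytes to the hashing process, so the baseline should be stored off the host and the comparison run from clean boot media or otherwise outside the possibly compromised system.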

More detailed analysis on understanding the life cycle of an IT security threat will be presented at the Gartner IT Security Summit, taking place 18-19 September at the Royal Lancaster Hotel in London. For more information on the Summit please visit www.europe.gartner.com/security or to register for the event please contact Laurence.goasduff@gartner.com.

The “Hype Cycle for Cyberthreats, 2006” report is one of 78 hype cycles released by Gartner in 2006. More than 1,900 information technologies and trends across more than 75 industries, technology markets, and topics are evaluated by more than 300 Gartner analysts in the most comprehensive assessment of technology maturity in the IT industry. Gartner's hype cycles assess the maturity, impact and adoption speed of hundreds of technologies across a broad range of technology, application and industry areas. Each highlights the progression of an emerging technology from market over-enthusiasm through a period of disillusionment to an eventual understanding of the technology's relevance and role in a market or domain. Additional information regarding the hype cycle reports is available on Gartner’s Web site at http://www.gartner.com/it/docs/reports/asset_154296_2898.jsp.

Contacts:


Laurence Goasduff
Gartner
+ 44 1784 267 195
laurence.goasduff@gartner.com

Carina Forsling
Gartner
+46 8 624 6324
carina.forsling@gartner.com


About Gartner:
Gartner, Inc. (NYSE: IT) is the world's leading information technology research and advisory company. Gartner delivers the technology-related insight necessary for its clients to make the right decisions, every day. From CIOs and senior IT leaders in corporations and government agencies, to business leaders in high-tech and telecom enterprises and professional services firms, to technology investors, Gartner is the indispensable partner to 60,000 clients in 10,000 distinct organizations. Through the resources of Gartner Research, Gartner Consulting and Gartner Events, Gartner works with every client to research, analyze and interpret the business of IT within the context of their individual role. Founded in 1979, Gartner is headquartered in Stamford, Connecticut, U.S.A., and has 4,000 associates, including 1,200 research analysts and consultants in 80 countries. For more information, visit www.gartner.com.