The Evolving Security Threat Landscape

During the IT Security Community meeting at CompTIA’s Annual Member Meeting today, Chris Whitener, chief strategist, HP secure advantage, enterprise business, Hewlett-Packard Company, listed out for attendees where major threats to your IT network can originate.Chris Whitener of HPInsecure interfaces and APIs can wreak havoc on your IT system.  For instance, watch for anonymous access and/or reusable tokens or passwords.  Check for clear-text authentication or transmission of content.Malicious i ...
During the IT Security Community meeting at CompTIA’s Annual Member Meeting today, Chris Whitener, chief strategist, HP secure advantage, enterprise business, Hewlett-Packard Company, listed out for attendees where major threats to your IT network can originate.

Chris Whitener of HP


Insecure interfaces and APIs can wreak havoc on your IT system.  For instance, watch for anonymous access and/or reusable tokens or passwords.  Check for clear-text authentication or transmission of content.

Malicious insiders are also a high-level threat.  Before moving to the cloud, know which insiders have access to the system: current/former employees, contractors and business partners.  The FBI says that 75 percent of people leaving jobs are taking company data with them.  However a bigger threat comes from the people that remain at the company after a layoff.  They often will take company data to protect themselves in case they get laid off next.

IT departments need to identify where data loss or leakage can occur.  Do you have sufficient authentication, authorization and audit controls, and consistent use of encryption and software keys.  Ask how reliable your data center is and who has access in a disaster.

Account or service hijacking continues to be rampant as well.  Security threats come from phishing, fraud and exploitation of software vulnerabilities.  Credentials and passwords are often reused, which amplifies the impact of such attacks.

As the industry moves more into the cloud, Whitener urged IT firms to standardize, virtualize, consolidate – in order to better manage security threats and automate higher levels of protection.

Email us at blogeditor@comptia.org for inquiries related to contributed articles, link building and other web content needs.

Read More from the CompTIA Blog

Leave a Comment