Redspin
Redspin Research
Redspin Presentations
Redspin Videos
Redspin Data Sheets
Redspin White Papers
Technical Resources
Regulatory Resources
Security Management
Advisory
Contact Us Toll Free - 800-721-9177
Redspin SMA Sign Up!
Sign yourself or a colleague up for our free Redspin Security Management Advisory monthly newsletter. We will not share your email address.
* = Required Information
Name:
* Email:
Request A Quote
Security Blog
Assessment Services Assessment Tools Security Research About Us Contact Us

Redspin Security Management Advisory

Back To Redspin Security Management Advisory Headlines
Security Management Advisory Volume 17 | November 2009
Top Information Security Issues and Threats
Knowing your enemy is just as important in security as it is in traditional warfare.
Understanding the specific incidents and process breakdowns from the past and being prepared for the future is helpful in moving your security program forward. Our hope is that you find this report equally valuable in coming to terms with planning and implementing your security program.
In our review of security threats and issues over the past year, we have broadened our outlook to consider threats that breakdown the information security fabric that protects your information. Our unique view of emerging issues and threats gives us the basis for these 2010 projections.

We believe these security issues are the result of the following important trends:
  • Through SSH (Secure Shell) access
  • Through Web Access
  • Through VMWare Virtual Infrastructure Client

On the threat front, direct attacks against applications in various forms lead the way. Our belief is that this is because the aim of the attacker is monetary gain and the web application presents the largest attack surface while being easiest to exploit. Botnets remain widespread but have become a more significant threat because of their ability to tunnel over common transport protocols. Thus, outdated firewalls offer no protection nor do IPS or IDS systems.

Threats and Security Issues We Have Identified
Lack of Security Visibility with Virtualization Infrastructure
Ineffective Policy
"Drive-By-Downloads"; Web Malware
Web Application Threats
Botnets, Keyloggers and Other Malware
Poor Choice of Identity and Access Management Systems
Lack of Attention to Protecting High Business Impact Data
Poor Procedures for Patching and Configuring Infrastructure
Social Engineering Threats
Lack of Encryption and Centralized Key Management
Change Management Procedures for Applications
Partner Information Access

Read the full story
This research was conducted by the Redspin security team, during hundreds of security assessments nationwide in 2008/2009. Click the link below to review the entire 2010 Top Information Security Issues and Threats
Speak with a Redspin Security Consultant Today!
* = Required Information
Contact Information:
* Your Name:
* Company:
* Email:
* Telephone:
Questions?
Would you like to submit a question to the "A" Team
Security Experts?

Home  |  Assessment Services  |  Assessment Tools  |  Security Research  |  About Us  |  Contact Us  |  Site Map
©2009 Redspin, Inc. | Privacy Policy
Site Design and Development by Petro Design Co.

Casino IT Assessments

External Network Security Assessments

Financial Services

Healthcare Security Assessments

Internal Network Security Assessments

NERC Cyber Security Assessments

PCI Services

Social Engineering

Special Security Assessment Services

Testing and Certification Program

Website Security Assessments

NMap XML2SQL

fTrace

Crackulator

Redspin Research

Redspin Presentations

Redspin Videos

Redspin Data Sheets

Redspin White Papers

Technical Resources

Regulatory Resources

Security Management Advisory

Corporate Ethos

Environmental Ethos

Redspin In The News

Press Releases

Upcoming Events

Careers

Contact Us

Request Pricing