/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
Follow UsNEW DELHI: Enterprises are not as secure as they think, shouts out Trend Micro based on a security threat assessment it recently undertook.
As it explains in a press note, enterprises that thought they were secure discovered otherwise. The security threat assessment uncovered active malware and threats that had slipped through existing security infrastructures, and were residing undetected on corporate networks and endpoints on 100 percent of all participating companies from North America, Latin America, Europe and Asia Pacific. On average, these companies have over 11,000 employees and include those from the finance, heath care, government, education and manufacturing industries.
“The results garnered from our security threat assessment prove that as threats become more numerous and sophisticated, conventional security technologies such as endpoint antivirus, Web security gateways, email
security gateways and IPS solutions are struggling to keep up,” said Jai Balasubramaniyan, director of product management and marketing. “The types of malware we found were more than just a nuisance, they were malicious and designed to steal data.”
Between October 2008 and June 2009, Trend Micro performed over 100 assessments on enterprises worldwide and discovered that 100 per cent of them were infected with active malware. About 50 per cent had at least one data-stealing malware hidden in their networks. While 45 per cent had multiple data-stealing malware infections, 72 per cent had at least one IRC bot, 50 per cent had 4 or more IRC bots, 83 per cent had at least one malware Web download and 60 per cent had more than 20 malware Web downloads.
The company, which is a player in security products and threat management, adds that while traditional security solutions are critical for a first line of defense, organizations still to face a number of security gaps that are
continuously exploited by modern-day malware. Today’s stealthy malware infiltrate corporate networks for a variety of reasons like mobile users who go on and off the network with infected devices that compromise corporate networks. Also inadequate remote office security, lack of onsite IT personnel, and lax policy enforcement impact security come into play while increased usage of easily exploited technologies such as P2P, file sharing, streaming media, and instant messaging also impacts the scenario.
Other gap cited was around unmanaged and unpatched endpoints such as legacy systems, contractors and guest laptops, USB devices, and other portable and mass storage devices.