Security pros are focused on the wrong threats

Security pros are focused on the wrong threats

Corporate information technology departments are prioritizing the wrong threats to their computer systems, focusing on old problems and leaving their companies open to a raft of new cyberattacks aiming at private customer and corporate information.
That is the finding of a new biannual report from the SANS Institute, a training organization for computer security professionals, whose senior staff weighed two sets of data that have not been rigorously compared to date: data on the most common attacks hitting corporate networks and data on which vulnerabilities are most prevalent on company networks. TippingPoint, an intrusion-prevention technology company, provided the attack data, collected during its defense of 6,000 organizations during the first six months of the year, while Qualys, a vulnerability-management company, provided data on the most common security holes based on its analysis of nine million customer computers.
Read full article>>