Spyware top threat, CompTIA says 30 November, 2007 By Chris Talbot

PromoPipeline Exclusive Channel Promotions Find Out How You Can Make Money Today! ENROLL FREE! >> Its Getting Crowded in the Cloud Diane Krakora - PartnerPath Creating Cultures of Complexity Awareness Beth Vanni - PartnerPath Special Offer From ChannelLine and CompTIA Robert M. Cohen - Integrated mar.com CompTIA Webinar: How To Profitably Grow Your Business Series: Business Assessment and Developing Effective Business Plans Robert M. Cohen - Integrated mar.com The Emergence of Partner-Led Diane Krakora - PartnerPath

In this, the fifth annual study, CompTIA surveyed organizations of all sizes from a variety of industries, and 55 percent of respondents said the volume of spyware they are fighting has increased over the past 12 months, so "obviously it's a problem that's affecting a lot of people," said Steven Ostrowski, director of corporate communications at CompTIA.

"While spyware has always been somewhere on the radar, it's been generally down the list of concerns -- definitely within the top 10 but not in the top two or three, which is the case this year. That was a bit of surprise, as it's taking up so much time and causing so many problems for organizations," Ostrowski told eChannelLine.

Spyware has moved up in rank to take the number one spot of security threats to organizations right now, but over the long term, spyware is slightly less of a concern, the report found. Spyware took the top position of current threats, followed by lack of user awareness (54 percent), viruses and worms (49 percent), authorized user abuse (44.2 percent) and browser-based attacks (41.5 percent).

When organizations were asked to identify the types of security attacks they expect to face over the next three years, spyware was no longer king of the hill. Viruses and worms were cited by 20 percent of respondents, followed by spyware/malware (14 percent), wireless access (nine percent), e-mail/attachments (nine percent), phishing/social engineering/ID theft (five percent) and remote access (five percent).

"That was one of the things that jumped out this year that we hadn't seen in previous years -- that was the number of companies dealing with security issues related to mobile computing or wireless networking," Ostrowski said.

Of the respondents to the survey, 60 percent said they had experienced an increase in the number of security issues related to handheld devices, and 55 percent said they had experienced an increase in the number of security issues related to wireless computing.

"It seems like every time measures are put in place to block one type of threat, two others pop up," Ostrowski said.

As companies continue to increase their investments in IT security (from about 15 percent in 2006 to 20 percent of their IT budgets in 2007), the threats continue to evolve.

"It's not like the companies are not taking steps to try to counteract this. They're spending almost 20 percent of their IT budgets on security, whether it's products, services or training. That's a pretty significant investment," he said.