Organizations are doing a poor job securing mobile and other portable devices, according to a recent survey of information security professionals.
Results of the survey, which involved 220 information security professionals across multiple industries who attended the recent Black Hat USA security conference, show the need for organizations to pay more attention to policies governing mobile devices, researchers say.
Nearly 80 percent of respondents worry that mobile and personal devices could be used in distributed denial of service attacks, but only 11 percent consider such attacks to be a top security threat.
Tripwire, a vendor of endpoint detection and response security software, conducted the survey. “The Internet of Things presents a clear weak spot for an increasing number of information security organizations,” says Tim Erlin, director of IT security and risk strategy at Tripwire.
Secure configurations of devices and improved patch management can limit the risk, and those steps are crucial because many IoT devices were created with low cost taking priority over security, he adds.
The top security threats that organizations face are phishing, cyber espionage and ransomware, respondents to the on-site survey said.
