Revealed: CISO's top security concerns

By

What concerns Australia's security professionals?

Chief information security officers in Australia and New Zealand have told analyst firm IBRS that managing consumer-grade mobile devices in the enterprise is one of their top security concerns.

Revealed: CISO's top security concerns

The preliminary results of 70 plus interviews between senior IT security executives and IBRS analyst James Turner have revealed that managing and securing mobile devices - particularly the iPhone was a  concern.

"Executives are getting them, bringing them into the workplace and asking to have them set up as though it was an enterprise-issued device," said Turner. 

"There are a stack of issues around this, not least of which is the understanding that it's a consumer device and not built with enterprise utility in mind."

Turner said the penetration testers HackLabs, Securus Global and StratSec, with whom he has discussed the issue, were "scathing" of iPhone security, claiming it was "laughable".

"All they needed was physical access to the device and a laptop with some specific software on it.

"This is pretty serious for security professionals who are trying to protect their organisation's sensitive corporate data. Mobile phones are always being lost and the brand doesn't matter," he said.

Meanwhile, communicating risk to the organisation was also flagged as a top concern.

"Security professionals are continually dealing with the operational and environmental risks that the organisation has to address and then they have to identify these to business decision makers and recommend a path of action."

The top issues for CISOs in Australia and New Zealand in no particular order were:

1. Managing mobile users & mobile devices
2. Communicating risk to the rest of the organisation
3. DLP
4. Cybercrime & cyber-terrorism
5. Managing complexity
6. Managing the perimeter
7. Virtualisation and security
8. Managing information
9. Identity management
10. Managing vendors
11. Firewalls and architecture
12. Cloud and SaaS

Got a news tip for our journalists? Share it with us anonymously here.
Tags:

Most Read Articles

"Widespread data theft" hits Salesforce customers via third party

"Widespread data theft" hits Salesforce customers via third party

Melbourne dev finds gift card PINs can be brute-forced

Melbourne dev finds gift card PINs can be brute-forced

Western Sydney University targets file-sharing sites hosting stolen data

Western Sydney University targets file-sharing sites hosting stolen data

Travel eSIMs secretly route traffic over Chinese and undisclosed networks: study

Travel eSIMs secretly route traffic over Chinese and undisclosed networks: study

Log In

  |  Forgot your password?