Security group warns of top 10 threats

Independent security body the Information Security Forum (ISF) has released its list of the top 10 security threats for the coming two years, unsurprisingly rating 'criminal attacks' as the biggest threat facing organisations.

The Threat Horizon 2011 report used interviews with ISF member organisations to obtain an accurate picture of the threat landscape, and the areas in which information security professionals are most likely to be tested.

In particular, the report highlighted the growing problem of attacks from malicious insiders, as well as the trend towards "crimeware-as-a-service" offered by criminal gangs across the internet.

In second place was infrastructure weaknesses, followed by tougher statutory requirements. Mobile malware, Web 2.0 vulnerabilities, and pressure from offshoring or outsourcing services also featured highly.

"Data is now the gold, silver and diamonds of the online world, and criminals see it as a low-risk way to steal money without going anywhere near the crime scene," said ISF chief executive Howard Schmidt.

"But even in today's financial climate and increased threat environment, we are better placed than ever to meet these challenges, as long as we have the resolve to strengthen and invest in security rather than reduce it."