HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 14 guests and 4 members online
EH-Net Donations

Enter Amount:
$
Google Ads
ChicagoCon 2008f
chicagocon2008f_125x200banner.jpg
ChicagoCon 2008f
EH-Net News Feeds
Latest Additions
Book Recommendations



 
Advertisement

You are here: Home arrow Forum arrow Ethical Hacking Discussions and Related Certificationsarrow Otherarrow Top 2008 Security Threats
Ethical Hacker Community Forums
September 05, 2008, 03:52:06 PM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Registration Now Open for ChicagoCon 2008f Oct 27 - Nov 2! Visit www.chicagocon.com.
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Top 2008 Security Threats  (Read 1476 times)
0 Members and 1 Guest are viewing this topic.
oneeyedcarmen
Full Member
***
Offline Offline

Posts: 205

Klaatu, Borada,Necktie?


View Profile
« on: June 03, 2008, 08:06:32 AM »
Tim Bass has posted an entry on the (ISC)2blog regarding what he and a few others feel are the top security threats for 2008.

Quote from: Tim Bass
The Top Ten Cybersecurity Threats for 2008 Revisited

Last year I published The Top Ten Cybersecurity Threats for 2008 at The CEP Blog, motivated by a plethora of "top 10 threat lists" that confuse vulnerabilities and threats.  A number of fellow CISSPs and security colleagues on LinkedIn (thank you!) collaborated on the list:

The Top Ten Cybersecurity Threats for 2008

  • 1. On-line masquerading to abuse, attack, blackmail, bully, extort, or molest others.
  • 2. Criminal fraud by password and identity theft via phishing, spyware, malware and theft of hardware.
  • 3. Criminal use of botnets and botnet-like technologies for economic gain, for example email spam and denial of service attacks.
  • 4. Cyberterrorism, bulling, vandalism and other forms of electronic violence and malfeasance.
  • 5. Subversion of democratic political processes.
  • 6. Criminal manipulation and subversion of financial markets.
  • 7. Spying and theft of data by governments, industry, terrorists and other criminals.
  • 8. Denial-of-service attacks by criminals and terrorists.
  • 9. Sabotage, theft and other attacks by disgruntled employees and insiders.
  • 10. Natural disasters, accidents or errors without malicious intent.

We are getting close to the halfway mark to 2009, so please feel free to comment  and collaborate as we revisit and evolve our top ten threat list for next year. 

You fine folks have anything to add?
Logged
MCP, Security+, Associate (ISC)2
don
Editor-In-Chief
Administrator
Hero Member
*****
Online Online

Posts: 2241


Editor-In-Chief


View Profile WWW
« Reply #1 on: June 03, 2008, 11:15:22 AM »
Not sure about #10. It is a risk without a doubt and should be addressed in your disaster recovery plan, but I'm not sure I buy it as a "cybersecurity" threat.

Would #8 fit into #4?

Just my thoughts right off the bat.

Don
Logged
CISSP, MCSE, CEH, Security+ SME
RoleReversal
Sr. Member
****
Offline Offline

Posts: 397


View Profile WWW
« Reply #2 on: June 04, 2008, 03:00:52 AM »
Don,

overall I would agree with your analysis of #10 and it should definitely be addressed in a DR plan.

However it is human nature to be more helpful to return full service following a disaster and this can come in the form of reducing security checks to increase speed of operation. If your working environment requires stringent security controls you must ensure that they are enforced at all times to protect against an opportunist strike during a vulnerable moment.

In line with the DR theme, a client of mine recently finished an internal risk assessment. The results suggested that there is a 20% of a plane hitting my facility (despite us not being near an airport or under a flight path), think I need to claim danger money Wink
Logged
A little bit of sanity:
http://www.infosanity.co.uk
pjayes
Newbie
*
Offline Offline

Posts: 46


View Profile
« Reply #3 on: June 05, 2008, 08:21:59 AM »
I agree with number one, that is also proberly the hardest to defend against, i think number 7 should be a little higher on the list, what threat is the easist to defend against / the hardest to defend against.

pjayes
Logged
g00d_4sh
Sr. Member
****
Online Online

Posts: 282



View Profile
« Reply #4 on: June 05, 2008, 02:04:42 PM »
I think honestly Don he wanted to make it an even 10 things.. like "Ten Commandments" and all that.  You know... just rolls off the tongue better than the "Eight top security threats" or... "Six" or whatnot.  Hense... a little fluff, and perhaps repeating of threat vectors is expected. Wink
Logged
"Bad.. Good?  I'm the guy with the gun"
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.5 | SMF © 2006-2008, Simple Machines LLC
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.057 seconds with 24 queries.
 
Polls
Best for daily desktop use:
 
Support EH-Net
chicagocon2008f_125x200banner.jpg
ChicagoCon 2008f

Support EH-Net by
Buying all of your
Amazon items using
the search bar above.
cbtnuggets_logo_125.jpg
Try CBT Nuggets Free!
Recent Forum Topics
Vote For EH-Net

progenic.com
Click here to Vote!

Sadikhov.com
Top IT Cert Sites

binarica.com
Binarica Logo

Add to Technorati Favorites
technorati fave

chicagocon2008f_125x200banner.jpg
ChicagoCon 2008f
 
         
Advertisement

© 2008 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.