Security incidents come in all shapes and sizes. They can affect availability, confidentiality or integrity.
Shortinfosec organized a Linkedin poll to observe the opinions of the professionals on what are the sources of security incident that they deem most frequent.
The poll has 56 respondents, and there is no scientific selection of respondent groups to have a full blown research result. However, this small still nicely represents the issues by frequency that organizations are coping with.
The poll question was What is the most frequent incident type that is affecting your organization?
Five answers were suggested
- Network Issue or Outage
- External Hacker Attack
- Internal Hacker Attack
- Software Error Causing Data Corruption
- Human Error Causing Data Corruption
The poll was open for all Linkedin users for 20 days, with invitations sent to the Linkedin connections and groups.
Results and Analysis
After the closing of the poll, the following results were observed:
Most respondents (66%) select network issues as the primary source of security incidents. Data corruption due to human error takes the second place with 18%, and data corruption due to software error with 13%.
However, the demographics of the responses also indicate different view of the issues from a different executive level. Network issue is selected as a primary source of security incidents by operational personnel. Management levels have also voted on this option, but the majority of issues of networking are felt by operational teams.
The second most frequent issue is human error, and this is an incident which is mostly identified by managers (more then 75%). In reality, a human operator within a company has significant abilities to work within the information system of the company.
Human errors can happen for any number of reasons, and paired with the abilities of the human operator within the systems, very significant errors can occur corrupting data, causing erroneous calculations. And such data corruptions are easily felt across the entire company, hence the votes by management.
The third most frequent issue is data corruption due to software errors. These should have a much lower frequency then human errors, but the impact of such errors can be very wide ranging - since the error is embedded within the information system.
External hacker attack was chosen as the least frequent issue. But this only presents the view of the internal users. It is quite possible that internal users do not have the full scope of hacker attacks - they are not detected, or corporate procedures prevent distribution of information about hacker attacks.
The overall poll, while not conforming to standards for academic research, it still provides the following insights - operational people are plagued by network issues (availability), while managers are plagued by data corruptions (integrity).
Very few identify actual breach of confidentiality as a top issue in security incidents. It seems that the corporate world is either well protected against confidentiality breaches, or is still relatively blind to them. We would bet on the latter.
Cross-posted from ShortInfosec