|
|
http://www.darkreading.com/security/intrusion-prevention/showArticle.jhtml?articleID=219401410
By Kelly Jackson Higgins
DarkReading
Aug 25, 2009
In case you're worried about taking that last-minute summer vacation and
leaving your IT staff a little short, relax (for now, anyway): Most
hackers are taking a break now, as well, as they gear up for a busy
winter season, according to a survey of hackers attending Defcon17 in
Las Vegas this month.
Malicious hackers make up less than one-fourth of the overall hacker
community, according to 70 percent of the respondents, who were surveyed
by Tufin Technologies at the world's largest hacker conference.
And 70 percent say government security and privacy regulations don't
make hacking into corporate networks any tougher. Another 15 percent say
compliance initiatives have actually made hacking easier, while 15
percent say these programs have made it harder.
"These results further validate the reality that there is little common
ground between compliance and security, but as an industry we have the
collective knowledge and the resources to change that," says Michael
Hamelin, chief security architect at Tufin. "While standards, such as
PCI-DSS, provide a good baseline, organizations that assume achieving
PCI compliance will solve their security woes are in for a rude
awakening. With security and compliance budgets so deeply intertwined,
it serves us as security professionals to make the two more synonymous.
At the end of the day, the more accountable we are willing to be, the
less we'll have to be."
Around 81 percent of hackers say they are more active around the winter
holidays -- 56 percent say Christmas is the ideal time for corporate
hacking, and 25 percent say New Year's Eve. Weekday nights are when they
do most of their hacking, according to 52 percent of the respondents.
More than 30 percent do so during business hours, and only 15 percent on
weekends.
[...]
________________________________________
Subscribe to InfoSec News
http://www.infosecnews.org