Gartner has released a report on the five most oversold security risks:
fear of mobile malware the belief that VoIP is unsafe concerns about wireless hotspots the equation of regulatory compliance with security the idea of a superworm that could spread on the Internet in a matter of minutes
As would be expected, the reason for much of the hype is that someone stands to profit from the fear:
Of mobile malware, company vice president John Pescatore put it bluntly: “Antivirus vendors see huge potential profit opportunities in selling security solutions to billions of cell phone and PDA users. In particular, the antiviral industry sees cell phones as the way to grow sales outside of a flat, commoditized PC market. However, device-side antiviruses for cell phones will be completely ineffective.”
Of the obsession with regulatory compliance, his analyst colleague Lawrence Orans said: “The best way to increase enterprise IT security is to buy and build software that has fewer vulnerabilities, but there has been no regulatory focus on this area.”
Mixed Message
Similarly, attacks on VoIP systems are rare–which renders elaborate security measures unnecessary–and the danger to users of wireless hotspots could be greatly reduced with simple technology. The threat of what the company called the “Warhol worm,” able to infect every unprotected PC on the Internet in 15 minutes, has been greatly exaggerated.