Promisec Risk Center For Internal Network Threats Unmasks Internal Threat Potential Across Worldwide Corporate Networks
NEW YORK – December 11, 2007 – Promisec™ Inc., a technology leader in endpoint security management, today launched the Promisec Risk Center for Internal Network Threats, with the industry’s first corporate alert service focusing on latent and emerging internal threats putting organizations at risk of data loss or network disruptions.
The new Promisec Risk Center for Internal Network Threats is designed as the go-to resource for real-time statistics highlighting the most significant internal network threats as well as those that are newly discovered. Focusing on what has been described by a growing number of analysts as the most pressing corporate security concern, the Promisec Risk Center for Internal Network Threats identifies existing levels of insider threats, unveils emerging network security risks and provides strategies to protect against their presence. Together this information builds a barometer of internal threats and those which are most prevalent in corporate networks.
“Insiders represent the most significant danger to an organization because of their access to network computing systems and the sensitive information residing on those systems. It is this access that can lead to security risks from unauthorized applications or devices introduced to the network,” said Jon Oltsik, analyst at Enterprise Strategy Group. “Internal network threats continue to evolve, necessitating educational resources that keep security administrators up to date and Promisec is moving the educational process forward with threat discoveries and metrics direct from the field.”
Through awareness of surfacing attacks, organizations have the ability to take proactive steps to prevent data loss disasters, crimeware-driven legal issues or downtime resulting from malware. To provide this proactive support to companies ranging from SMEs to the Fortune 500, the Promisec Risk Center for Internal Network Threats offers a real-time threat feed to provide instant alerts especially on user introduced threats such as the hundreds of new P2P applications not necessarily recognized by existing preventative measures. The information portal which already has the largest database of commonly used and not so common P2P applications, provides statistics on known internal threats and their prevalence based on continuous auditing of thousands of endpoints and a Best Practices resource site that provides strategies and tactics for safeguarding any size network.
Leading the effort to educate organizations on the enormous dangers from insider threats, Promisec has recruited industry Specialist Aryeh Heymann, Managing Director of the company’s Risk Center for Internal Network Threats. Heymann will lead the charge to identify, quantify and counter the threats discovered by the company’s global auditing efforts. Prior to Promisec, Heymann was with EDS where he was part of the EDS Security CA&R (Compliance Assessment and Reporting) team. His role included solution planning and design for EDS customers in the service delivery division; specializing in global information security compliance. Heymann is an expert in the information systems infrastructure, information security standards, integration and compliance management fields. As part of developing enterprise security solutions, his team developed, maintained and enforced remote access security standards.
Promisec executes discovery audits and provides reporting across all corporate networks producing a detailed synopsis of processes and other activities on the network which may be outside of corporate policy, revealing the current state of internal network security. It is the findings from these audits, across hundreds of thousands of network endpoints worldwide, that generate the real-time internal threat barometer now available to corporations in search of internal network defense strategies.
The latest Promisec summary audit conducted over a twelve month period revealed that 25,090 (13%) of the corporate PCs surveyed had unauthorized USB devices attached to them, opening the door to data loss and the opportunity for USB-borne viruses and malware to enter the corporate network. 7720 (4%) of corporate PCs had peer-to-peer (P2P) applications installed. 2895 (1.5%) of the corporate PCs did not have the latest Microsoft service packs and 3281 (1.7%) had anti-virus monitoring and remediation issues. 2316 (1.2%) of the 193,000 audited endpoints were without required 3rd party desktop security agents. Finally, 1582 (0.8%) of endpoints had unauthorized remote control software, and a lesser percentage had unauthorized and unprotected shareware.
“As a company, Promisec is committed to continuously setting high standards and then raising that bar to benefit business – first with technology and now by creating the Promisec Risk Center for Internal Network Threats,” said Amir Kotler, CEO of Promisec. “Unlike the popular ‘virus-alert’ services, our Risk Center for Internal Network Threats provides awareness of potentially damaging processes and services, specifically around P2P applications and new emerging content sharing technologies through which organizations will gain a greater understanding of how their own network security defenses stand up in the reality of today’s environment.”
To gain immediate access to the Promisec Risk Center for Internal Network Threats, visit www.promisec.com/riskcenter and register to receive instant updates on emerging internal network threats as they are discovered by Promisec audit teams. Itemized findings of the top threats to internal network security are available by contacting Promisec at [email protected]
About Promisec
Promisec, Inc., is an award-winning technology leader in agentless endpoint security management software. The company offers industry proven internal network security solutions in use by Global 2000 organizations. The company’s products Promisec Spectator Professional and Promisec InnerSpace, protect against business disruption from internal network threats with the only agentless endpoint security software to deliver both monitoring and remediation and the ability to manage third-party security products for a layered approach to corporate network security. Privately held and founded in 2004, Promisec’s main headquarters are located in Israel with offices in New York, London and Paris. The company’s U.S. headquarters are located at 461 Fifth Avenue, 8th Floor in New York City, NY 10017. Visit the Promisec Web site at www.promisec.com