IT安全狂妄自大的危险

自从今年3月，随着疫情的持续蔓延，企业和组织开始实施在家办公(WFH)政策以来，企业网络安全受到的危害越来越大。

Malwarebytes在6月份开始衡量企业IT领导人如何应对这一流行病;以及他们在展望未来时会制定哪些策略。这家反病毒软件公司调查了来自不同规模公司的200多名IT专家。这些调查结果，再加上公司内部的遥测数据，发现许多IT主管可能对他们现有的网络安全协议和程序过于自信。

例如，44%的受访者没有为员工提供网络安全培训，45%的受访者没有对软件工具进行安全和在线隐私分析，而这些软件工具被认为是向WFH过渡的必要条件，18%的受访者表示网络安全不是他们员工的优先考虑。

尽管如此，在Malwarebytes的调查中，超过70%的受访者在被问及他们是否准备好转变为WFH时给他们的组织打了7/10分。

调查称:“这可能是一种通常难以衡量的现象的一个例子，我们称之为安全傲慢，也就是对部署的有限安全措施过于自信。”

原文：Corporate cybersecurity has been increasingly compromised since businesses and organizations began implementing work-from-home (WFH) policies in March as the pandemic continued its spread.

Malwarebytes in June set out to measure the how corporate IT leaders reacted to the pandemic; and what strategies are planned as they look forward. The antimalware software firm surveyed more than 200 IT experts at companies of various sizes. Those survey results, combined with the firm's internal telemetry, found that many IT heads might be overconfident about the cybersecurity protocols and procedures they have in place.

For example, 44 percent of the respondents did not provide cybersecurity training to the workforce, 45 percent did not perform security and online privacy analyses of software tools deemed necessary for the transition to WFH, and 18 percent said cybersecurity was not a priority for their employees.

Despite this, more than 70 percent of the respondents to Malwarebytes' survey gave their organization a score of 7/10 when asked to determine their readiness to transition to WFH.

"This may be an example of an often difficult-to-measure phenomenon that we call security hubris, also known as overconfidence in limited security measures deployed," the survey stated.