Security professionals are most concerned about targeted attacks, external hackers and insider threats, according to a recent report from Symantec. Their jobs are made more challenging by industry trends such as mobile computing, social media and the consumerization of IT, the survey found.

Nearly 50 percent of IT security professionals surveyed said external threats pose somewhat or extremely significant risks to the organization, compared with 46 percent for accidental breaches by well-meaning insiders and 44 percent for malicious insiders, according to Symantec's 2011 State of Security Survey, released Aug. 31. Most organizations on average ranked cyber-attacks as bigger risks to their businesses than other forms of criminal activity or natural disasters.

Mobile computing, social media and consumerization of IT were the top three industry trends making enterprise IT security more challenging, the survey found. About 41 percent of the respondents also said securing the organization's platforms and data was "somewhat" or "significantly more" important than it was 12 months ago.

"Mobile computing, social media use and the consumerization of IT are providing new challenges as organizations increase their cyber-security efforts," said Sean Doherty, vice president and chief technology officer of enterprise security at Symantec.

Symantec found that 29 percent of organizations see attacks on their organizations on a regular basis and 71 percent had been attacked at least once in the past 12 months. The top attack vectors were malicious code, social engineering and other external attacks. A little over a third of the respondents expressed concern about state-sponsored attacks.

Interestingly, the number of organizations reporting attacks in the past 12 months dipped slightly in 2011 to 71 percent compared with 75 percent in 2010. The number of organizations that claimed to see an increase in attacks also declined from 29 percent to 21 percent.

test