New data shows that whilst cybercriminals are becoming more sophisticated, targeted and dynamic, organisations of all sizes are challenged to successfully protect their employees, data and networks, but seem to be accepting cybercrime as a fact of life. According to a new survey by M86 Security, conducted with Osterman Research – a US-based research house focused on gathering information from IT decision makers and end users of information technology – 49 per cent of responding companies acknowledged that security breaches occurred, but accepted them as a cost of business. The study, entitled,“The Global Malware Problem: Complacency Can Be Costly,” shows that malware problems continue to rise, with 27 per cent of respondents stating that malware problems increased in the past 12 months, and 64 per cent responding that malware problems remained the same. The survey is part of M86 Security’s continuing efforts to educate organisations on the impact of cybercrime and malware.
"With more than 78 per cent of organisations experiencing malware breaches during the last 12 months, it's clear these attacks are becoming a part of the fabric of the Internet,” said Michael Osterman, president of Osterman Research. "What's surprising is the degree of complacency – often driven by lack of budget or adequate information – these companies exhibit in light of the uptick and complexity of the recent cyber attacks – even amongst those tasked with caring for data, which can include customer information and intellectual property. The pervasiveness of malware demonstrated in this study indicates a real need for businesses to educate themselves on the latest threats, in order to protect against serious security breaches."
The survey was conducted in May 2011 to assess how serious the malware concern was in today’s state of global cybercrime. It represented a cross-section of industries with 92 per cent of respondents as decision makers and influencers in their organisations’ IT departments. The average number of employees at the responding organisations was just over 10,000.
"Cybercrime as a ‘business’ has exploded," said John Vigouroux, CEO, M86 Security. "This survey confirms that ease of entry, the sophistication of modern malware, and the reliance, for many organisations, on antiquated security technologies provide an open door for cybercriminals. What was surprising was that the majority of businesses felt they were better protected than other organisations whilst experiencing the same number of attacks as their peers.”
Key survey findings include:
• Malware from the Web is the No. 1 Security Concern: According to the report, 77 per cent of respondents revealed the Web to be the biggest malware concern. Even with this high level concern of malware, surprisingly, half of the respondents were confident in their current security solution, despite the fact that 78 per cent of the organisations surveyed had experienced at least one malware attack during the preceding 12 months.
• Security Attacks are More Common Than Not: Respondents had “experienced a median of five attacks during the past 12-month period.” This means that the typical organisation experiences a malware attack every 73 days. The number of attacks varied greatly amongst the different industries. Those impacted the most were the “educational institutions, which had a median of 12 attacks during the same period, as well as the financial services and government organisations, which had a median of four and 10 attacks, respectively, during the previous 12 months.”
• Security Incidents Come with Financial Costs: Of the 70 per cent of organisations that reported some financial loss following a malware attack, 59 per cent of respondents told us the cost of an attack was up to US$50,000. Specifically, 82 per cent of financial-services organisations reported a financial impact resulting directly from a malware attack.
The research also covers information on the sources of cyberattacks, the direct and indirect costs of attacks and the cost of remediation, and organisations’ concerns about the increased use of mobile devices and social media and their effect on security. The report, along with other valuable information on cybercrime, can be found at a special cybercrime website set up by M86 Security website.
Osterman Research provides timely and accurate international market research, cost data, cost models, benchmarking information and other services to technology-based companies. We do this by continually gathering information from IT decision-makers and end-users of information technology. We analyse and report this information to help companies develop and improve the products and services they offer to these markets or to internal customers.
About M86 Security
M86 Security (m86security.com) is the global expert in real-time threat protection and the industry's leading Secure Web Gateway provider. The company's hardware, virtual appliance, software, and Software as a Service (SaaS) solutions for Web and E: security protect more than 25,000 customers and 26 million users worldwide. M86 products use patented real-time code analysis and behaviour-based malware detection technologies, as well as threat intelligence from M86 Security Labs, to protect networks against new and advanced threats, secure confidential information, and ensure regulatory compliance. The company is based in Orange, California with international headquarters in London and development centres in California, Israel, and New Zealand.
Follow M86 Security on Twitter at: twitter.com/M86Security | Facebook at: facebook.com/M86Sec