A
survey of U.S. IT security professionals, conducted by Ponemon Institute and
sponsored by Juniper Networks, found the threat from cyber-attacks today is
nearing statistical certainty and businesses of every type and size are
vulnerable to attacks. Organizations today are experiencing multiple breaches,
with more than half (59 percent) of respondents citing two or more breaches in
the past 12 months.
Overall,
companies indicate that security breaches have cost them a least half a million
dollars to address in terms of cash outlays, business disruption, revenue
losses, internal labor, overhead and other expenses. Most respondents (59
percent) report that the most severe consequence of any breach was the theft of
information assets, followed by business disruption.
Additionally,
security attacks are on the rise, with 43 percent of respondents indicating
there has been a significant increase in the frequency of cyber-attacks during
the past 12 months and 77 percent saying these attacks have become more severe
or difficult to detect or contain. As a result of these multiple breaches, more
than one-third (34 percent) of respondents say they have low confidence in the
ability of their organization's IT infrastructure to prevent a network security
breach.
"Our
survey research provides evidence that many organizations are ill-equipped to
prevent cyber-attacks against networks and enterprise systems," said Dr.
Larry Ponemon, chairman and founder of the Ponemon Institute. "This study
suggests conventional network security methods need to improve in order to
curtail internal and external threats."
The
survey found only 11 percent of respondents know the source of all network
security breaches, and almost half (48 percent) cited complexity as one of
their biggest challenges to implementing network security solutions—with the
same percentage of respondents saying it is due to resource constraints.
Combating cyber-attacks can be made more effective by streamlining or
simplifying network security operations, said 76 percent of respondents.
Seventy-five
percent say their effectiveness would increase by implementing end-to-end
solutions, and 28 percent are earmarking more than 10 percent of their budgets
to security to address these issues. Employee mobile devices and laptops are
seen as the most likely endpoint from which serious cyber-attacks are unleashed
against a company, the survey found, and the top two endpoints from which these
breaches occur are employees' laptop computers with 34 percent and employees'
mobile devices with 29 percent.
"The
size and complexity of today's security threats continue to intensify, leaving
organizations and governments vulnerable to cyber-attacks," said Mark
Bauhaus, executive vice president and general manager of Juniper Networks'
device and network services business group. "Business leaders need to
consider a more aggressive, systemic security approach—implementing end-to-end
comprehensive protection at all points in the network to help mitigate
risk."
/ 5 
