Hacker Attacks Rise Among Business, McAfee ReportsBy Nathan Eddy | Posted 2010-10-14 Email Print
Re-Thinking HR: What Every CIO Needs to Know About Tomorrow's Workforce
Research from security firm McAfee finds 40 percent of businesses surveyed have had data breaches this year.
Security specialist McAfee released research finding mid-sized organizations have seen increased attacks on their networks and systems since last year. According to the McAfee report The Security Paradox, more than half of midsize companies surveyed globally have seen more security incidents in the past year, 40 percent have had data breaches and 75 percent believe a serious data breach could put them out of business. Bloor Research conducted research for the report on behalf of McAfee.
In its third year, the Security Paradox report quantified the cost of proactive versus reactive security, examines mid-sized companies' attitudes toward security and contrasts them with security realities. More than 83 percent said they were concerned or very concerned that their business could be the target of an intentional and malicious security attack, 51 percent had actually been attacked, and 16 percent of those who were attacked took more than a week to recover. Data loss was the number one consequence of the attack.
Thirty percent of mid-sized organizations had to manage multiple network security incidents, of which 55 percent took up to five hours to investigate and remediate, while 58 percent of worldwide respondents spent less than three hours per week working on, evaluating and researching IT security. Last year, McAfee reported that figure at 65 percent. Five percent of mid-sized organizations reported that they had suffered a data loss that had cost them more than $25,000. Of these 25 percent were from China, 14 percent from France and 11 percent from India.
Forty-seven percent of all reported intellectual property losses were from EMEA-based mid-sized organizations, while 88 percent of mid-sized organizations said they were concerned or very concerned about non-malicious/inadvertent security incidents Sixty percent of worldwide mid-sized organizations admitted to knowing less than 75 percent of the pertinent regulatory and compliance requirements pertinent to their organization.
"Keeping up with security threats is a significant distraction from running a mid-sized business," said Alex Thurber, senior vice president of worldwide channel operations for McAfee. "The explosion and sophistication of malware impacts mid-sized organizations who are struggling to grow their businesses against a backdrop of competitive pressures and a slow economic recovery. While the threats have grown, these companies' resources to fight them have declined, creating a paradox."
In excess of 1,100 surveys were completed with respondents responsible for IT purchasing, management or overall ownership for governance, risk and compliance within organizations of 51 to 1,000 employees worldwide, according to a McAfee release. Surveys were conducted in Australia, Brazil, Canada, China, France, Germany, India, Japan, Mexico, Netherlands, Spain, the United Kingdom and the United States. The results were compared to previous studies conducted in Europe and North America.