Cross Posted from Saumil Shah's blog here:
Under half of organisations rate security as their top issue, while three quarters experienced cyber attacks in the last 12 months.
According to Symantec's 2010 State of Enterprise Security study, 75 per cent of enterprises experienced cyber attacks in the last 12 months and 36 per cent rated the attacks somewhat/highly effective. Also, there was a 29 per cent rise in reported attacks in the last 12 months.
It also found that 100 percent of enterprises surveyed experienced cyber losses in 2009, with theft of intellectual property, customer credit card information or other financial information and customer personally identifiable information the most prevalent.
Commenting on this, Tony Osborn, manager of Symantec's public sector pre-sales team, said that in his experience he agreed with the figures as everyone has been hit by some level of security threat, and also potentially breaches that they did not know about.
He said: “I think everyone is a security target. No one is 100 per cent secure, I believe the cost and risk and everyone will come to understand risk, it is not just about keeping up to date. It is about technology, people are being trained on the uses of IT and being aware of the responsibilities and organisations having the right processes.”
He claimed that one critical thing that organisations miss is ensuring that processes are followed, and not just looking at security as a small facet but taking a holistic view.
Also in the survey, on average, IT assigns 120 members of staff to security and IT compliance, while nearly all the enterprises surveyed (94 per cent) forecasted changes to security in 2010, with almost half (48 per cent) expecting major changes.
Francis deSouza, senior vice president of the enterprise security at Symantec, said: “Protecting information today is more challenging than ever. By putting in place a security blueprint that protects their infrastructure and information, enforces IT policies, and manages systems more efficiently, businesses can increase their competitive edge in today's information-driven world.”