Symantec Corp. has released the findings of its global 2010 State of Enterprise Security study, which found that 42 percent of organisations globally and 43 percent in Australia and New Zealand (ANZ) rate security their top issue.
This isn’t a surprise, considering that 75 percent of organisations globally and 89 percent in ANZ experienced cyber attacks in the past 12 months. These attacks cost enterprise businesses an average of US$2 million per year.
Organisations reported that enterprise security is becoming more difficult due to understaffing, new IT initiatives that intensify security and IT compliance issues. The study is based on surveys of 2,100 enterprise CIOs, CISOs and IT managers from 27 countries in January 2010.
“Protecting information today is more challenging than ever,” said Francis deSouza, senior vice president, Enterprise Security, Symantec Corp. “By putting in place a security blueprint that protects their infrastructure and information, enforces IT policies and manages systems more efficiently, businesses can increase their competitive edge in today’s information driven world.”
Forty-two percent of enterprises globally and 43 percent in ANZ rank cyber risk as their top concern, more than natural disasters, terrorism, and traditional crime combined. Reflecting that perception, IT is intently focused on enterprise security.
The report says on average, IT assigns 120 staffers to security and IT compliance. Enterprises rated “better manage business risk of IT” as a top goal for 2010, and 84 percent globally (91 percent in ANZ) rated it absolutely/somewhat important. Nearly all the enterprises surveyed (94 percent globally and 100 percent in ANZ) forecasted changes to security in 2010, with almost half (48 percent globally and 42 percent in ANZ) expecting major changes.
It was also found that enterprises are experiencing frequent attacks. In the past 12 months, 75 percent of enterprises globally and 89 percent in ANZ experienced cyber attacks, and 36 percent globally and 49 percent in ANZ rated the attacks somewhat/highly effective. Worse, 29 percent of enterprises globally and 34 percent in ANZ reported attacks have increased in the last 12 months.
The report concludes with the recommendation that organisations should protect their infrastructure by securing their endpoints, messaging and web environments. In addition, defending critical internal servers and implementing the ability to back up and recover data should be priorities. Organisations need to manage systems by implementing secure operating environments, distributing and enforcing patch levels, automating processes to streamline efficiency and monitoring and reporting on system status.