Study Says 90 Percent of Businesses Have Had Cyber Security Breach
A survey of US IT and IT Security professionals, conducted independently by Ponemon Institute and sponsored by Juniper Networks, found the threat from cyber attacks today is nearing statistical certainty and businesses of every type and size are vulnerable to attacks.
Organizations today are experiencing multiple breaches with more than half (59 percent) of respondents citing two or more breaches in the past 12 months. Overall, companies indicate that security breaches have cost them a least half a million dollars to address in terms of cash outlays, business disruption, revenue losses, internal labor, overhead and other expenses. Most respondents (59 percent) report that the most severe consequence of any breach was the theft of information assets followed by business disruption.
Additionally, security attacks are on the rise with 43 percent of respondents indicating there has been a significant increase in the frequency of cyber attacks during the past 12 months and 77 percent saying these attacks have become more severe or difficult to detect or contain. As a result of these multiple breaches, more than one-third (34 percent) of respondents say they have low confidence in the ability of their organization's IT infrastructure to prevent a network security breach.
"Our survey research provides evidence that many organizations are ill-equipped to prevent cyber attacks against networks and enterprise systems," said Dr. Larry Ponemon, chairman and founder of the Ponemon Institute. "This study suggests conventional network security methods need to improve in order to curtail internal and external threats."
Additional key findings from the survey include:
- Only 11 percent of respondents know the source of all network security breaches.
- Almost half, 48 percent cite complexity as one of their biggest challenges to implementing network security solutions -- with the same percentage of respondents saying it is due to resource constraints.
- Combating cyber attacks can be made more effective by streamlining or simplifying network security operations, said 76 percent of respondents.
- Seventy-five percent say their effectiveness would increase by implementing end-to-end solutions.
- Twenty-eight percent are earmarking more than 10 percent of their budgets to security to address these issues.
- Employee mobile devices and laptops are seen as the most likely endpoint from which serious cyber attacks are unleashed against a company.
- The top two endpoints from which these breaches occurred are employees' laptop computers with 34 percent and employees' mobile devices with 29 percent.