Westborough, Mass. - According to a recent national survey, 54% of organizations have experienced cyber attacks, with 21% of the cyber attacks causing more than $100,000 in measurable damages, and 11% causing more than $500,000 in measurable damages.The 1st Annual Enterprise Security Survey, generated through an online survey of security decision makers spanning a wide range of industries, indicates that a vast majority of businesses are reliant on the Internet to conduct business and have experienced some form of cyber attack in the past year. Additionally, the survey demonstrates a trend in the change in security spending habits due to government regulations such as HIPAA and Sarbanes-Oxley.
"It's clear that today's organization is becoming more security-aware as they become increasingly inter-connected with customers and partners via the Internet," says Peter Rendall, president and CEO of Top Layer Networks. "In addition to the recent emphasis on regulatory compliance, new fast-emerging complex cyber threats are driving organizations to formalize their IT security policies and deploy new technologies that help ensure business operations continue uninterrupted."
According to the Enterprise Security Survey, 87% of respondents said they were "entirely" or "highly" Internet-reliant. Despite the high-reliance on Internet connectivity, 24% of organizations polled do not currently have a formal IT security policy in place for employees, though nearly half are in the planning process.
Twenty-five percent of respondents spend more than $100,000 annually to secure access to the Internet. In addition, 35% feel that their existing security infrastructure does not offer adequate protection of their servers, and 38% feel that existing security infrastructure does not offer adequate protection for their desktops. This explains why nearly 60% of respondents reported an increase in spending on information security products from 2004 to 2005--only 3% reported a decrease in spending. When evaluating network security products, respondents identified the top three purchasing factors as protection (66%), reliability (63%) and performance (40%).
Security purchases are driven both by regulatory requirements and by the continuous rise of new threats. Nearly two-thirds of polled organizations cited that they must comply with at least one government regulation such as HIPAA, Gramm Leach Bliley or Sarbanes-Oxley.
In addition, spyware is perceived to be the most significant upcoming threat for networks with more than 40% of respondents identifying it as a threat; 29% said worm infections and 24% named Distributed Denial of Service (DDoS) attacks as the most significant threats. These are also the same threats that are grabbing headlines in the media.
Intrusion prevention systems (38%) outpolled intrusion detection systems (36%), as more respondents have come to realize that blocking attacks is preferable to just detecting them.
The Enterprise Security Survey is the first in a series of national surveys designed to examine trends in cyber threats, purchase priorities and spend analyses in today's security-conscious organization. The Enterprise Security Survey was conducted via online questionnaire and the findings based on 163 respondents. The Enterprise Security Survey was sponsored by Top Layer Networks.
Source: Top Layer Networks
