New data shows that whilst cybercriminals are becoming more sophisticated, targeted and dynamic, organisations of all sizes are challenged to successfully protect their employees, data and networks, but seem to be accepting cybercrime as a fact of life. According to a new survey by M86 Security, conducted with Osterman Research - a US-based research house focused on gathering information from IT decision makers and end users of information technology - 49% of responding companies acknowledged that security breaches occurred, but accepted them as a cost of business.

 

The study, entitled, "The Global Malware Problem: Complacency Can Be Costly," shows that malware problems continue to rise, with 27% of respondents stating that malware problems increased in the past 12 months, and 64% responding that malware problems remained the same. 

 

"With more than 78% of organisations experiencing malware breaches during the last 12 months, it's clear these attacks are becoming a part of the fabric of the Internet," says Michael Osterman, president of Osterman Research. "What's surprising is the degree of complacency - often driven by lack of budget or adequate information - these companies exhibit in light of the uptick and complexity of the recent cyber attacks - even amongst those tasked with caring for data, which can include customer information and intellectual property. The pervasiveness of malware demonstrated in this study indicates a real need for businesses to educate themselves on the latest threats, in order to protect against serious security breaches."

 

"Cybercrime as a 'business' has exploded," says John Vigouroux, CEO, M86 Security. "This survey confirms that ease of entry, the sophistication of modern malware, and the reliance, for many organisations, on antiquated security technologies provide an open door for cybercriminals. What was surprising was that the majority of businesses felt they were better protected than other organisations whilst experiencing the same number of attacks as their peers."

 

According to the report, 77% of respondents revealed the Web to be the biggest malware concern. Even with this high level concern of malware, surprisingly, half of the respondents were confident in their current security solution, despite the fact that 78% of the organisations surveyed had experienced at least one malware attack during the preceding 12 months.

 

Respondents had "experienced a median of five attacks during the past 12-month period. This means that the typical organisation experiences a malware attack every 73 days. The number of attacks varied greatly amongst the different industries. Those impacted the most were the educational institutions, which had a median of 12 attacks during the same period, as well as the financial services and government organisations, which had a median of four and 10 attacks, respectively, during the previous 12 months.

 

Of the 70% of organisations that reported some financial loss following a malware attack, 59% of respondents said the cost of an attack was up to US$50,000. Specifically, 82% of financial-services organisations reported a financial impact resulting directly from a malware attack.