This is a very important question that secure content and threat management solutions developer Kaspersky has asked and sought to fine out. In their study, it has appeared that businesses are threatened firstly by a weak or wobble economy, but in close second is cyber crime in its various forms.
In its report entitled “Global IT Security Risks: 2012,” which interviewed 3,300 senior IT professionals in companies from 22 countries, half of the respondents (50%) ranked cyber-threats as one of the top three concerns in their business. Closely following that were damage to brand and reputation, intellectual property theft, computer fraud and industrial espionage, all of which are very closely related to the pressing concern of cyber crime. Such knowledge of threats point to familiarity of senior executives about the possible dangers they could face as they continue to rely on technology.
Cyber threats are becoming an even bigger threat. 42 percent of the respondents view cyber crime as a huge concern in the future, as compared to the 39 percent who view economic uncertainty as the major concern.
Of the cybercrime problems, malware infection, pegged at 35 percent, is reported as the most common external cause of data loss, followed by email and phishing attacks, while internally, vulnerabilities in installed programs cause the same problem. Even more worrisome is that 35% of the respondents have reported data loss due to flawd IT security within the companies; this included customer information, financial data ad employee data; each one a key piece in the overall function of a business.
People’s increased reliance on personal mobile devices has also caused problems, as they are easy targets for cyber-threats, either through negligence, loss or something as simple as a phone’s prediction software ending an email to the wrong address.
Kaspersky Lab Chief Product Officer Petr Merkulov said that the survey still reveals how low the number of companies are who think that they are prepared against cyber-threats. Only 59% of respondents said they are ready to face cyber-threats, which is just 1% more than in 2011.
“The fact that this view has changed very little since 2011, the measures being taken by IT specialists are woefully inadequate – only a little more than half of the respondents believe their company is really secure,” Merkulov said.
Merkulov made several recommendations for companies who want to strengthen their corporate IT security and to prepare them from further attacks.
· Data encryption — It is strongly recommended that the partial or complete encryption of data as an additional layer of security. Even if a device ends up in the wrong hands or a malware attack is successful, a cybercriminal that gains access to files that have been encrypted will not be able to see their contents.
· Paying particular attention to personal devices – Companies must implement security policies that cover the use of both personal and corporate mobile devices for work-related tasks.
· Be prepared for targeted attacks — It is recommended putting measures into place now for combating targeted attacks, and in particular paying more attention to proactive protection methods designed to prevent threats rather than dealing with the consequences.
· Educating staff – The survey showed that there is low level of computer literacy among employees which can lead to a company’s IT infrastructure being infected or confidential information being leaked. That is why teaching company personnel all the basics of IT security is no less important than installing the latest security software.