Information Security all in one place!

Symantec: Cyber Attacks May Be Costing Your Business Big $$

As the average cost of recovering from cyber attacks approaches half a million dollars per year, Symantec says it’s time to beef up your defenses.

The security threat landscape is in a state of flux as cybercriminals become ever more sophisticated and stealthy in their efforts, and security firm Symantec believes organizations need to adapt their approach to endpoint security as a result.

Last week, Symantec released its 2012 Endpoint Security Best Practices Survey, revealing that 144,000 malicious files are detected each day, translating into a rate of more than 4.3 million per month. Symantec said it blocked 3.1 billion attacks in 2010.

Image representing Symantec as depicted in Cru...

Image via CrunchBase

“We’ve learned that endpoints are not what they used to be,” said Jason Nadeau, director of Product Management for Symantec Endpoint Security. “Endpoint security used to be restricted to PCs on the desk and servers in the datacenter.”

But the number and variety of endpoints are exploding with the introduction of all manner of mobile devices, virtual servers, and virtual workstations to the network. Nadeau said the firms that have had the most success in defending their endpoints in this evolving environment are the ones that have been the most aggressive in deploying so-called advanced protection in the form of intrusion prevention and data loss protection technologies.

“In terms of basic protection, the top-tier portion of respondents were six times as likely to have deployed virus and spyware protection and five times as likely to have deployed firewalls,” Nadeau said. “The same trend is evident for advanced protection. The top tier is five times as likely to have deployed intrusion prevention and six times as likely to have deployed data loss protection. I would argue that everybody needs to be doing this and that those sorts of technologies need to move to the baseline.”

Symantec’s survey collected data from 1,425 IT professionals in 32 countries. One-third of the respondents were C-level employees of business owners, another one-third were management focused on strategic issues, and the last one-third were management focused on tactical and operational issues.

Symantec divided the respondents into three tiers based on their security practices.

“Top-tier companies are faring much better in terms of outcomes from attacks than the bottom tier,” Nadeau said, noting that top-tier firms were 2.5 times less likely to see a large number of cyber attacks — including denial of service, information theft, fraud and vandalism — and their total downtime was nearly four times less than that of other firms.

Those numbers aren’t academic. Nadeau said top-tier firms suffered an average total of 588 hours of downtime for the year compared with 2,765 hours for bottom-tier firms. Additionally, successful attacks were costly. Symantec said it found that the typical organization incurred $470,000 in losses due to endpoint cyber attacks in the past 12 months.

Those losses were primarily driven by forced dedication of IT manpower to remediate the affected endpoints; loss of organization, customer or employee data; and damage to the organization’s brand and reputation.

Read More:

One response

  1. Pingback: CyberSecurity Reality Check: Attackers Winning? « – NSIT

Let's hear what you have to say.

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s