Conclusion 03: Security Breaches
One indicator (albeit backward-looking) of the security challenges facing CIOs is the number of actual breaches that have occurred. The results are decidedly mixed: Most network hacking categories are down, but virus and denial-of-service attacks are up. Intrusion costs have increased, although their impact on productivity wasn't overwhelming.
The number of security breaches reported in the past 12 months went up slightly, from an average of 2.8 reported in August to 3.1 in February. That increase, however, was mostly due to more IT executives from larger companies committing to specific numbers.
Our February survey uncovered that a whopping 94% of large businesses reported a virus intrusion in the previous 12 months. Large companies reported a significant increase of data stolen or compromised due to network hacks: 8.1% in February compared with 4.2% in August. Virus attacks increased from 77% to 90% between the surveys, and denial-of-service attacks went up from 26% to 34%. But penetration of enterprise networks by hackers is down from 45% in August to 33% in February in the case of hacks that did not result in theft of data or Web site defacement.
Still, other than lost productivity, the impact of these intrusions was relatively small. While 10% said their customers couldn't retrieve information at some pointup slightly from nearly 8% in Augusta substantial 79% said they'd only lost productivity, vs. 73% earlier.
The cost these intrusions to large companies has risenfrom a mean of $78,499 to $156,770. But that's largely due to the fact that 6% of larger companies claimed damages of more than $1 million.