Best Practices Can Cut Downtime From Cyber-Attacks: Symantec Survey

While there is no silver bullet to prevent all attacks, Symantec's latest survey proves that following best practices is a better defense than skimping on the protections.

Investing in multiple layers of security to protect endpoints and the data stored on them tends to pay off in mitigating cyber-attacks and reducing downtime, according to a recent Symantec survey.

However, if there are security gaps, the breach can be quite costly.

Organizations that invested in stronger defenses and trained their employees to be more security-conscious were in a better position to stop or survive attacks, Symantec found in its Endpoint Protection Best Practices survey, released Jan. 17.

The "top tier" organizations in the survey were 2.5 times less likely to experience a major cyber-attack, and 3.5 times less likely to experience downtime compared to other enterprises, according to Jason Nadeau, director of product management.

Symantec surveyed 1,425 professionals working in IT, of whom one-third were C-level executives. Each respondent was scored based on their responses about what kinds of protections the organization had deployed. Top tier refers to respondents who scored in the top 33 percent, Nadeau said. The survey did not ask specific questions about what security products they deployed, but focused on category types.

"The traditional endpoint security tool antivirus software is no longer effective on a stand-alone basis," researchers wrote, adding, "The organizations that had deployed more comprehensive security technologies and practices were better prepared and better able to thwart attacks."

Organizations with higher scores reported using various layers to protect their assets, including data loss prevention, intrusion prevention and detection systems, anti-malware and firewalls. Patch management and maintenance was also included. Nearly all of the organizations in this group reported conducting awareness training for staff. Top-ranked organizations invested in tools to prevent unauthorized copying of data to and from peripheral devices such as USB drives, and deployed safeguards including encryption, access control and reputation-based security.

The policies and practices of the top tier respondents contrasted "sharply" with those who ranked in the bottom tier, Symantec researchers wrote. Less than half of the organizations in the bottom group reported being current with all operating system and application updates, and roughly half had considered encryption, access control, data loss prevention and reputation-based security technologies. Only a fifth of their physical assets, including desktops, laptops and mobile devices, had virus and spyware protection, and only a tenth of virtual systems were similarly protected.

The bottom tier organizations did not train employees on security best practices as often. These organizations were likely to suffer heavier losses after a successful cyber-attack, the report found.

Bottom tier organizations suffered 2,765 hours in downtime, compared to the 588 hours suffered by the top-ranked organizations. The bottom tier organizations reported 859 hours of downtime for mobile devices, 828 hours for desktops and notebooks, 241 hours for servers and 837 hours of "widespread downtime."

Regardless of their ranking on the list, organizations were not immune from cyber-attacks and still experienced downtime and losses when protections failed. About 53 percent of the survey participants said that in the case of a cyber-incident, the organization suffered lost productivity and labor costs for the IT staff to resolve issues, revenue loss, lost data and brand damage. Cyber-incidents cost organizations $558,000 in revenue losses, $480,831 in brand damage, $366,301 due to compliance fines, and $174,309 in lost productivity, the survey found.

This article was originally published on 01-25-2012
eWeek
