The Evolving State of Cyber-Threats
-
Under Pressure
50% of respondents said that preventing cyber-attacks is the most important or a top three IT issue for their organization. -
Damage Control
76% of respondents reported that their organization has experienced a damaging breach over the past year. -
Money Matters
44% increased the portion of their IT budget allocated to security. Among large enterprises, the figure rises to 54%. -
The Biggest Problems
Respondents said that the top problems were: corruption of servers (26%), prolonged e-mail system failure (18%), revenue loss (18%), loss of employee information (14%) and other (24%). -
No Clear Strategy?
Only 29% of the respondents said that they have established best practices to try to get the problem under control. -
No Worries
Overall, 20% of companies said that cyber-attacks are not a major issue. Among small firms, the figure rises to 27% but among large enterprise it drops to 8%. -
New Risks
New and different technologies are shifting the risks. 71% of respondents at large firms cited concerns over cloud vulnerabilities, and 59% rated BYOD as a major risk. -
Eye on Insiders
64% of respondents at large companies said that they are concerned about IT insiders causing incidents. Among mid-size and small firms, the respective figures are 62% and 46%. -
Passwords Are a Problem
83% of respondents at large firms indicated that password compromise is a problem. At mid-size and small firms the figures were 83% and 76%. -
Dodging DDoS
71% of large enterprises rated DDoS as a major concern. However, among mid-size and small companies the figure drops to 49% and 50%. -
Mixing Solutions
95% of the survey respondents said that they are involved in purchasing six or more security products in order to aggregate and assimilate the necessary information about attacks. -
Staying Informed
75% of the survey respondents said that key information sources are their peers and technology content Websites. About 60 percent said they look to analysts. -
Final Thoughts
Changes in the way cyber-attacks are carried out are changing the way business and IT leaders deal with security. While traditional IT vendors remain important, infrastructure providers also play a role in security efforts.
Over the last few years, cyber-threats have become more sophisticated and persistent. Every day, there's news of yet another breach or breakdown. What's more, confronting the problem and mitigating risk has become more difficult. A new survey from QuinStreet Enterprise, “2015 Security Outlook: Meeting Today's Evolving Cyber Threats,” examines the challenges. The survey of 387 business and IT executives found, among other things, that cyber-attacks are becoming more targeted and increasingly sophisticated, most companies have experienced a damaging breach in the past year, and the majority of organizations have increased their security budget and adopted a more aggressive approach to thwart new risks. Since cyber-attacks are increasingly multi-pronged and use more sophisticated methods to create a breach–including social engineering–there's also a growing focus on using the right combination of tools, technologies and methods–and integrating them more effectively. Here are some of the highlights from the research.