In 2012, 35% of companies lost data because of malware attacks – and 25% lost business data due to unpatched software vulnerabilities.
According to Kaspersky Labs, the top business risks during the year were:
* 50% of companies agree that cyber-threats are the second business risk and it is only inferior to economic instability (55%);
* 37% of companies seriously care about damage to brand and reputation that may be caused by cyber-security problems;
* 31% of companies are afraid of intellectual property theft; and
* 26% of companies think that fraud can be a serious risk for businesses.
The top external threats during 2012 were:
* 61% of companies experienced malware attacks in 2012 and 35% of them did lose data because of malware attacks;
* 56% of companies were disturbed by spam;
* 35% of companies confirmed that phishing was a problem;
* 23% of companies consider network intrusion to be one more external threat; and
* 20% of companies registered mobile device theft that could lead to corporate data loss.
The top internal threats were:
* 40% of companies experienced situations when vulnerable software could make damage and 25% of respondents did lose business data due to unpatched software vulnerabilities;
* 31% of companies experienced accidental staff-caused data leaks;
* 29% of companies suffered an internal threat – employees losing mobile devices;
* 25% of companies experienced loss of other equipment;
* 21% of companies were victims of intentional data leaks.
During 2012, the top concerns of IT staff included:
* 31% of IT professionals were concerned about preventing IT security breaches;
* 27% of IT professionals cared about data protection;
* 23% of IT professionals worried about return on investment made for IT security;
* 23% of IT professionals were thinking about importance of understanding new technologies; and
* 22% of IT professionals cared about future investments in IT Security.
The top IT security measures taken over the year were:
* 67% of companies not only used anti-malware protection but also named it top security measure;
* 62% of companies implemented patch management and consider this to be very important for protection;
* 45% of companies consider implementing access levels as one of their priorities;
* 45% of companies would prefer to separate critical infrastructure;
* 44% of companies applied encryption of sensitive data.
The survey was conducted among more than 3 300 IT specialists in 22 countries worldwide in conjunction with Kaspersky Lab. The participants represented all business sizes: small, medium and enterprise.