Bangkok--30 Sep--Aziam Burson-Marsteller
Security ranked as top business priority for 2012
HP today announced global research that demonstrates the need for Instant-On Enterprises to adopt a new, comprehensive approach to managing risk within today’s increasingly complex security landscape.
According to the Second Annual Cost of Cyber Crime Study,(1) an HP-sponsored Ponemon Institute survey, cyber attacks have a significant financial impact on businesses and government organizations, despite widespread awareness. The Cyber Crime study indicated:
— The median cost of cyber crime is now $5.9 million per year, a 56 percent increase from the median cost in last year’s study. In addition, more than 90 percent of all cybercrime costs were caused by malicious code, denial of service, stolen devices and web-based attacks.
— During a four-week period, organizations surveyed experienced an average of 72 successful attacks per week, an increase of nearly 45 percent from last year.
— The average time to resolve a cyber attack is 18 days, with an average cost of nearly $416,000. This is an increase of approximately 70 percent from the estimated cost of $250,000 during a 14-day resolution period in last year’s study.
In addition, another study from Coleman Parkes, commissioned by HP, surveyed senior business and technology executives in Asia Pacific on their perspectives on risk, security threats and current priorities.(2) When asked what type of risk management is most critical to enterprises, the study revealed that financial risk was most critical to enterprises. In terms of threats representing the highest potential risk to organizations, executives agree the first is technological, with economic a close second.
The study also indicated that while executives are aware of potential security threats, they lack confidence in their organizations’ risk management practices. Specifically, only 27 percent of business and technology leaders indicated that their organizations were very well defended against security threats.
Executives surveyed also expressed that the volume and complexity of risks and threats continue to escalate. Nearly 70 percent of executives said that the complexity of risks has increased. In addition:
— More than 40 percent of executives believe that security breaches within their organizations have increased during the last year, with 46 percent responding that, in the past year, they experienced a security breach by unauthorized internal access while 39 percent responded that they had experienced an external breach.
— In the past 12 months, 22 percent of respondents said their organizations suffered from unwanted disclosure due to a security breach, 20 percent endured business interruption, 18 percent experienced identity and privilege abuse and 14 percent reported unsound transactions and 31 percent had to deal with compliance management issues.
— Platform vulnerabilities were identified as most critical to organizations, followed by network, application and device vulnerabilities.
More than 70 percent of the respondents indicated that security will be a major priority for 2012, while more than 50 percent believe that their security budget will increase in the next budget cycle.
Business risks are increasing in quantity and complexity, causing security events that substantially impact an organization’s operations and success. Reversing these trends requires a comprehensive security approach that reduces the risk of financial loss, reputation damage, as well as audit and compliance penalties.
HP Enterprise Security solutions provide a layered system of defense, helping enterprises assess, transform, manage, and optimize their security investments in the context of the rapidly changing nature of threats.
Methodology
The Coleman Parkes survey was conducted by Coleman Parkes Research on behalf of HP and consisted of 550 interviews among senior business and technology executives within enterprises (more than 1,000 employees) and midmarket companies (500-1,000 employees). The interviews were conducted via phone between July and August 2011. Regions included: North America (United States and Canada), Europe and the Middle East (Denmark, France, Germany, Russia, Czech Republic, United Arab Emirates and United Kingdom), Asia Pacific (Australia, China, India, Japan, South Korea) and Latin America (Brazil and Mexico).
(1) “The Second Annual Cost of Cyber Crime Study, “Ponemon Institute, July 2011.
(2) “HP Research: Enterprise Risk,” Coleman Parkes Research Ltd., July 2011.