Coping in the Chaos?: The 2012 Global IT Risk Report

A Global Report Into Business Attitudes and Opinions on IT Security

The number, complexity and diversity of cyber threats is soaring. Businesses are increasingly concerned about the risks they face and 91% of organisations have directly experienced at least one cyber threat in the past year. Yet despite evidence of the dangers, Kaspersky Lab’s 2012 Global IT Risks Survey reveals an increasingly chaotic security landscape – where over 40% of businesses feel underprepared for the threats around them.

At the heart of this feeling is a difficulty in mapping awareness into realistic policies and practical security deployments and controls.

• Despite the fact that 35% of organisations have lost business data via malware, a third of respondents have not yet fully implemented anti-malware solutions.

• Although 44% of companies now protect their sensitive data via encryption, 44% place no controls on staff access to network and corporate resources via a notebook and 33% allow uncontrolled access via smartphones.

• Bring your own device is on the increase and usage restrictions are relaxing, particularly on video streaming and website access controls.

• Even social networking and FTP sites are becoming broadly accepted in a growing number of organisations.


Yet at the same time, senior management’s awareness of threats is deemed to be increasing and security budgets for the most part are viewed as sufficient. These seemingly contradictory responses epitomise the findings of Kaspersky’s 2012 Global IT Risks Survey. The survey, which polled more than 3,300 senior IT professionals in 22 countries, paints a vivid picture of an increasingly divided security community. At one end of the spectrum, there are those that recognise the risks and are actively responding to them. At the other end, sit a hard-bitten core of cynics –the 36% of respondents that view most IT security issues as simply unavoidable – and the complacent (32%) who believe that such issues happen to others.

These vastly divergent attitudes to coping in the chaos underline the fact that IT security is a mindset, rather than just a product. With threat levels set to increase further and targeted attacks becoming more common, Kaspersky elieves that the outcome will be a growing gap between those that can and o cope, and those who prefer to bury their heads in the sand.

For those seeking to ensure they are protected, Kaspersky offers the following recommendations, discussed in more detail in section 10 of this report:

1. Recognise the nature of the threats you face

2. Be prepared for targeted attacks

3. Develop a consistent and effective policy around mobile and removable devices

4. Introduce data encryption as standard

5. Focus on user education


0 yorum: