Category: Computer / IT
75 percent of Organizations in Asia Pacific Hit by Cyber Attacks

75 percent of Organizations in Asia Pacific Hit by Cyber Attacks
Source: EBA Communications Ltd Date: Monday, 8 March 2010
Contact Person: EBA Communications Ltd Email: info@ebacomms.com
Web Site: www.ebacomms.com Attach:
 
Hong Kong businesses more worried about natural disasters than cyber crime or terrorism

Hong Kong¡V 8 March, 2010 ¡V The findings of Symantec's 2010 State of Enterprise Security study has found that 75 percent of Asia Pacific organizations experienced cyber attacks in the past 12 months, costing enterprise businesses an average of US$763,000 per year. However, in Hong Kong 50 percent of enterprises rank the threat of natural disasters as their top concern, ahead of cyber attacks and terrorism. Organizations also reported that enterprise security is becoming more difficult due to understaffing, new IT initiatives that intensify security issues and IT compliance issues. The survey of 850 enterprise CIOs, CISOs and IT managers from Asia Pacific in January 2010, is part of a global survey of 2,100 small, mid-sized and large enterprises around the world.

"Protecting information today is more challenging than ever," said Bernard Kwok, Symantec's senior vice president for Asia Pacific and Japan. "By putting in place a security blueprint that protects their infrastructure and information, enforces IT policies, and manages systems more efficiently, businesses can increase their competitive edge in today's information-driven world."

Asia Pacific Study Highlights:
• Security is of great concern to enterprises. The study found that 38 percent of organizations in Asia Pacific rate security their top issue. In Hong Kong 50 percent of enterprises rank natural disasters as their top concern, more than cyber attacks (25 per cent) and terrorism (25 percent). Reflecting that perception, IT is intently focused on enterprise security. On average, the median enterprise in Hong Kong assigns 53 staffers to security and IT compliance.

• All enterprises surveyed (100 percent) in Hong Kong rated "reduce IT costs" as the top goal for 2010. They also cited "improve infrastructure capacity" (75 percent) and "better manage business risk of IT" (50 percent) as additional goals for this year. Nearly all enterprises surveyed in Asia Pacific (94 percent) forecasted changes to security in 2010, with almost half (48 percent) expecting major changes.

• Enterprises are experiencing frequent attacks. In the past 12 months, 75 percent of enterprises in Asia Pacific experienced cyber attacks, with 25 percent of Hong Kong enterprises rating the attacks somewhat/highly effective.

• Every enterprise (100 percent) experienced cyber losses in 2009. The top three reported losses in Asia Pacific were theft of intellectual property, theft of customer credit card information or other financial information, and theft of customer personally identifiable information. The top three costs were productivity, revenue, and loss of customer trust. Enterprises in Asia Pacific reported spending an average of US$763,000 annually to combat cyber attacks.

• Enterprise security is becoming more difficult due to a number of factors. First, enterprise security is understaffed, with the most impacted areas in Hong Kong being incident response (75 percent), IT audit and compliance (50 percent) and network security (50 percent). Second, enterprises are embarking on new initiatives that make providing security more difficult. In Asia Pacific initiatives that IT rated as most problematic from a security standpoint include infrastructure-as-a-service, platform-as-a service, server virtualization, endpoint virtualization, and software-as-a-service. Finally, IT compliance also emerged as a huge undertaking for enterprises in Hong Kong. Although enterprises in Hong Kong were not exploring as many IT standards, the typical enterprise in Asia Pacific is exploring 19 separate IT standards or frameworks. The top standards include Common Criteria, FIPS, FISMA, HIPPA, COSO.

Recommendations
• Organizations need to protect their infrastructure by securing their endpoints, messaging and Web environments. In addition, defending critical internal servers and implementing the ability to back up and recover data should be priorities. Organizations also need the visibility and security intelligence to respond to threats rapidly.

• IT administrators need to protect information proactively by taking an information-centric approach to protect both information and interactions. Taking a content-aware approach to protecting information is key in knowing where sensitive information resides, who has access, and how it is coming in or leaving your organization.

• Organizations need to develop and enforce IT policies and automate their compliance processes. By prioritizing risks and defining policies that span across all locations, customers can enforce policies through built-in automation and workflow and not only identify threats but remediate incidents as they occur or anticipate them before they happen.

• Organizations need to manage systems by implementing secure operating environments, distributing and enforcing patch levels, automating processes to streamline efficiency, and monitoring and reporting on system status.

Resources
• Find additional materials in the 2010 Symantec State of Enterprise Security Study Online Press Kit
• Watch the 2010 Symantec State of Enterprise Security Study Video on YouTube
• View the 2010 Symantec State of Enterprise Security Study (PDF)
• Access the 2010 Symantec State of Enterprise Security Study presentation on Slideshare.net

About Business Solutions from Symantec
Symantec helps organizations secure and manage their information-driven world with IT Compliance, discovery and retention management, data loss prevention, and messaging security solutions.

About Symantec
Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organizations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. More information is available at www.symantec.com
 
 

Copyrights 2000 iPress All right reserved
Terms of Service and Disclaimer