The results of a commissioned study were released today by Secure Computing Corporation. The study, conducted by Forrester, surveyed 153 IT professionals and security decision makers in companies with at least 1,000 employees, found -- among other things -- that while Web 2.0 usage is already prevalent in enterprises, organizations are not prepared to deal with the potential threats associated with the technology. The study further notes a lack of risk awareness, user training and consistent policies.
The study suggests that about half of the organizations surveyed spent more than 25 thousand dollars in the last fiscal year on malware remediation. It was therefore not surprising to learn that businesses are wary of Web 2.0 usage and associated threats. While 97 percent of all enterprise IT staff consider themselves "prepared," 79 percent have reported frequent attacks from malware. In addition, 79 percent of those surveyed are concerned about viruses, and 77 percent about Trojans, but only 12% were concerned about botnets even though bot networks have been growing rapidly as demonstrated by the recent estimate that the storm threat was propagated by over 1 million computers in a single botnet. These findings confirm that the majority of today's enterprises are still concerned -- to a considerable degree -- about Web 2.0 threats in their organizations.
Other significant findings include:
The study found a noticeable discrepancy between the amount of concern over security threats, and how well prepared businesses actually are -- or even perceive themselves to be.
While nearly 97 percent of those surveyed consider themselves prepared for Web-borne threats, a full 68 percent concede that there is room for improvement. However, it is important to note that when asked how often they experience malware attacks, a 79 percent reported more than infrequent occurrences of malware, with viruses and spyware being the leading issues.
According to the study "Today, the Internet is beleaguered with threats such as Phishing, viruses, Spyware, and botnets, all threatening to challenge your business operation. The need to keep inappropriate content at bay, reduce non-business bandwidth consumption, and limit exposure to Internet threats gave rise to the industry of Web filtering. The need for more effective Web protection has never been greater."
Recommendations Based on Study Findings:
Given the complexity of the current threat and technology environments, Forrester and Secure Computing recommend that organizations look beyond a simple filtering solution, and: