Midsize businesses are slashing their security budgets even as cyber-threats continue to grow, according to a report from McAfee.
In a survey of 900 employees of midsize businesses around the globe conducted by MSI International, 75 percent of the respondents reported cutting or freezing their IT security budgets in 2009. At the same time, 56 percent of the respondents reported seeing more security incidents this year than last, and 29 percent admitted to suffering a data breach in the past year.
“More than 90 percent of people surveyed in companies with 500 employees or fewer feel protected from cyber-attacks, even though the evidence is hardly on their side,” said the McAfee report, entitled “The Security Paradox.” “The truth is that companies with fewer than 500 employees suffer more attacks on average than their larger counterparts. Of the midsize organisations that have had security breaches, those with 101 to 500 people have had roughly 24 incidents in the past three years, compared to only 15 incidents for organizations with 501 to 1,000 employees.”
The authors continued, “Our research shows that in the past year midsize organisations in the United States have spent a total of $17.2 billion fixing IT security incidents. On average, in 2008 a single midsize organization in the United States spent more than $75,000 (£46,000) a year on IT security incidents.”
About 60 percent of the U.S. respondents said it had taken their businesses more than a day to recover from their most recent cyber-attack. That number stood at 86 percent in China and 70 percent in India. Overall, McAfee found that 65 percent of surveyed midsize organisations worldwide spend less than 4 hours a week on proactive IT security.
“An organisation’s level of worry and awareness about increasing threats has not overcome the downward pressure on budgets and resources,” Darrell Rodenbaugh, senior vice president of global midmarket for McAfee, said in a statement on 28 Oct. “But this creates a vicious cycle of breach and repair that costs far more than prevention. Our research shows that organisations that put more effort on preventing attacks can end up spending less than a third as much as those that allow themselves to be at risk.”
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…