Network security specialist Lancope has released the results of a survey showing that 66 percent of large organisations said that either they hadn't experienced a security incident in the last 12-18 months or were unsure if they had.
Businesses face a constant stream of threats from the normal phishing and malware to more sophisticated, targeted attacks. But Tom Cross, Lancope's director of security research, says that it's very unlikely that none of these organisations experienced incidents during that time frame: "Any system you connect to the Internet is going to be targeted by attackers very quickly thereafter. I would assert that if you’re unsure whether or not your organisation has had a security incident, the chances are very high that the answer is yes -- and this is a significant problem".
Companies responding to the survey said that the most common incidents they were aware of were malware, DDoS and insider attacks. While 25 percent said that the worst impact incidents had on their organisation was to their reputation, 21 percent had suffered financial loss and 13 percent had experienced intellectual property being stolen.
Of course the threat landscape is constantly shifting and half of enterprises now felt that mobile devices and BYOD represented the greatest danger to their organisations. Insider threats are also high on the worry list with 32 percent concerned about them. Lack of information about what was happening inside their network concerned 28 percent too.
Cross concludes, "Any organisation needs to know whether or not they've been subject to a security breach, and if companies believe they have not, the question may be are they really aware of everything that is happening on their networks?"
Since it's very often our information that gets compromised when security is breached perhaps this is an issue that everyone needs to take seriously. Before we give our business to a company should we be asking how good their data security is?
Photo Credit: RTimages/Shutterstock