January 17, 2012, 6:29 AM — A survey of 1,425 information technology managers in 32 countries about the type of security they deployed on their network endpoints, as well as security training for employees, indicates that these technology investments paid off in mitigating cyberattacks and downtime.
Those surveyed were asked to detail whether they made use of anti-malware, intrusion-prevention systems, data-loss prevention and firewall protection, plus whether they kept signatures updated on everything from physical desktops and servers to virtual desktops and servers, as well as laptops, notebooks and mobile devices.
ANALYSIS: 'Advanced persistent threat' concerns boosting security budgets
The survey also asked how frequently cyberattacks against these endpoints happened over the course of the past 12 months, and in particular, which attacks were successful. A cyberattack was defined as an attack from inside or outside the organization that hit the network, website or physical and virtual computers and mobile devices. These might include viruses, spam, denial-of-service attacks, theft of information, fraud and vandalism.
The outcome, according to the 2012 Endpoint Security Best Practices Survey, conducted by Applied Research and sponsored by Symantec, shows the top-third tier of companies that had applied higher levels of security protection and employee training experienced two-and-half times fewer cyberattacks, and were three-and-a-half times less likely to experience downtime from them than companies in the lower tier with less applied security.
"We wanted take the pulse and find the correlations in this," says Hormazd Romer, director of product marketing at Symantec, who says the survey did not inquire into what vendor products were specifically used but only category types. The companies participating in the survey hailed from manufacturing to high-tech to construction, the financial industry and the energy-production sector, as well as government.
The IT managers responding to the survey said their companies did suffer significant downtime remediating the fallout from cyberattacks. But there was a significant contrast in severity between the top-third tier that had the most security protections in place and the bottom third with far less.
This bottom third over the past 12 months suffered 2,765 hours in downtime, including 859 hours of downtime from cyberattacks that affected smartphones and tablets, 828 hours for desktops and notebooks, 241 hours for servers and 837 hours described simply as "widespread downtime." In contrast, the top-ranked third with the most identifiable security practices suffered a total of 588 hours in all these categories.
On average, the financial consequences of successful cyberattacks over the past 12 months cited by the survey respondents was significant, at an average of $470,000, mainly due to forced dedication of IT personnel to remediate affected endpoints as well as costs associated with loss of customer data and damage to the organization's brand and reputation.
Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security.
Read more about wide area network in Network World's Wide Area Network section.
