UK medium to large companies each lost an average of
£16,000 through security breaches and yet nearly two thirds have
cut or frozen IT security budgets, research has
revealed.
That is despite a third of medium to large companies surveyed in
the UK by security firm
McAfee admitting their defences had been breached by hackers in
the past year.
UK respondents reported more cyber attacks than anywhere else in
the world, with each company attracting around 40 attacks a
year.
The number of attacks is also increasing with 57% of respondents
reporting more incidents and threats from 2008 to 2009.
These businesses are under the misapprehension that hackers
prefer to target larger organisations, said
Greg Day, security analyst at McAfee.
"The smaller the business, the less they think that they will be
attacked, but in reality hackers are indiscriminate in choosing
targets," he said.
This is because criminals target security vulnerabilities rather
then specific companies or organisations, so all businesses are
vulnerable regardless of size, said Day.
"But successful attacks on smaller companies often have a more
devastating impact because they lack the resources of larger
companies to recover quickly," he said.
For this reason, he said, it is even more important for smaller
organisations to invest adequate time and money to ensure they have
adequate defences against cyber attack.
Failure to keep pace with cyber threats leads to the vicious
cycle of breach and repair, said Darrell Rodenbaugh, senior vice
president of global midmarket for McAfee.
"The research shows that organisations that put more effort into
preventing attacks can end up spending less than a third as much as
those who do not," he said.