Cloud computing and social networking are among the trends that have increased the vulnerability of UK organisations...
to cyber attack, a survey has found.
Hacking and denial of service attacks have doubled in the past two years, according to preliminary finding of the 2010 Information Security Breaches Survey by PricewaterhouseCoopers.
Business use of technology is evolving faster now than at any point in the last decade, increasing the vulnerability of organisations, the report said.
The rate of adoption of newer technologies has accelerated over the past two years and most respondents said they use wireless networking, remote access and VoIP, the survey found.
Some 85% of smaller organisations said they were using wireless, almost double the use in 2008. The number of organisations allowing staff to have remote access to their systems has also increased, with 90% of large companies now doing this.
As organisations have looked to cut their IT costs, they have increasingly turned to external providers who host applications on their behalf, the report said.
These services, including cloud computing, are now used by more than 75% of the organisations polled, and of these, 44% said they were entrusting critical services to third parties.
All sectors are making use of the services, but government is least likely to release control of critical services, the survey found.
At the same time, there has been an explosion of new cyber attacks with 61% of large organisations reporting a significant attempt to break into their network in the past year.
Some 15% of large organisations have detected unauthorised access to their networks in the past year and 25% of large organisations have suffered a denial of service attack.
Chris Potter, partner, OneSecurity, PricewaterhouseCoopers said it is worrying that only 17% of organisations with highly confidential data at external providers ensure that it is encrypted.
Virtualisation and cloud computing seem to be set to follow the trend of controls lagging behind adoption of new technologies, he said.
"Given the increased criticality and confidentiality of information held on virtual storage, organisations need to respond quickly to close this control gap," said Potter.
Staff postings to social networking sites pose a new data leakage risk, but at the same time, social networking is increasingly important to businesses, the report said.
Nearly half of large organisations now restrict staff internet access the; less than a third did so in 2008, and organisations are now one and a half times more likely to monitor postings to social networking sites if social networking is considered very important to their business, the survey found.
The full results of the survey including details of the number and cost of security breaches in the UK, will be revealed at Infosecurity Europe in London on 28 April.