e-Crime Congress 2009: Enterprises vulnerable to cyberattack, says KPMG

Enterprises are more likely to be vulnerable to sophisticated cybercrimal attacks than they believe, says consultancy firm KPMG.

Enterprises are more likely to be vulnerable to sophisticated cybercrimal attacks than they believe, says consultancy firm KPMG.

A quarter of organisations polled in the e-Crime Congress and KPMG e-Crime Survey 2009 said they did not know or had no way of measuring increases in the technical sophistication of attacks.

But the e-Crime Survey report says some organisations may be more vulnerable to attacks than they realise, with 44% reporting that attacks are growing in sophistication.

Organisations said targeted attacks were among their biggest concerns because they becoming increasingly difficult to detect. Some 37% of respondents reported an increase in this type of attack.

Technology is not keeping up, Malcolm Marshall, partner at KPMG told the e-Crime Congress 2009 in London.

"We have seen targeted attacks succeed against a sophisticated user like a CIO using information from family members' profiles on social networking sites," Malcolm Marshall said.

The survey revealed 62% of organistions do not believe their business dedicates enough resources to locating vulnerabilities.

Half of IT respondents said their organisations are not sufficiently protected against malware and 79% of all those surveyed said signature-based detection methods do not provide enough protection.

Many organisations relying on the internet for the way they conduct business are still not getting the basics right, such as regular security updates for all applications, said Marshall.

"The most successful attacks exploit basic errors. We need to get the basis right, educate users and improve defences and find new business models, or face a meltdown in e-business," he said.

Read more on IT governance

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close