On the eve of the release of its new corporate security solution, Kaspersky Lab presents the results of its survey “Cyber Threats and Corporate IT Security: GCC and Global Trends”.
According to the survey, nine out of ten companies have encountered at least one cyber threat in the past year. This was reported by 88% of all respondents in GCC, and 91% globally. Worldwide, one in three of these companies suffered data loss through these incidents, including data vital to business operations. In GCC, 40% of the companies lost data. At the same time, almost half of all respondents think that the number of cyber threats has been increasing (48% globally and 44% in GCC), while only 8% feel that the number has decreased. Companies most often encounter viruses, worms and malicious software, spam, phishing and hacking attacks.
Tarek Kuzbari, Kaspersky Lab’s Managing Director for the Middle East, said: “This is the first time Kaspersky Lab has conducted such a wide-reaching survey prior to releasing new corporate solutions. The survey results show that the technologies and features implemented in our new Kaspersky Endpoint Security 8 will help effectively tackle the security problems commonly encountered by IT managers. From conducting polls to implementing specific protection mechanisms, all our efforts to develop new solutions for this release have enabled us to provide ‘pro-active protection’ with which to counter both existing and future cyber threats.”
IT security is most commonly implemented by using antivirus software and client firewalls, installing updates – including those that remove vulnerabilities in existing software – and backing up data. More than half the respondents (55% in GCC and 59% globally) are confident that their corporate networks are securely protected. However, the survey shows that only 28% of all GCC companies (and 36% of companies globally) employ all of the standard security methods mentioned; 3% of companies worldwide have no measures in place to protect them from cyber threats (in GCC luckily there are no such companies).
In an attempt to improve corporate IT security, companies often impose sweeping measures which can damage their business effectiveness. Thus, 62% of GCC companies (and 72% of companies globally) block or restrict employee access to social networking sites and applications.
One serious problem discovered by the survey is underinvestment in IT security. However, the situation in the GCC region is better than worldwide: 65% of GCC companies consider their IT security investments adequate, whereas globally the figure is 55%. In the respondents’ opinion, lack of funds is only part of the problem: 61% of respondents in GCC (70% throughout the world) complain of understaffing, lack of expertise or insufficient system resources.
The increasing number of employees working remotely and the ongoing consumerization of business (use of personal devices for business purposes) bring a new problem. IT specialists need to protect the security of mobile devices outside the corporate network. 44% of all respondents in GCC (55% globally) say that their companies are now much more aware of this problem than a year ago. At the same time, the poll found 28% of organizations in GCC and 32% globally consider the use of mobile devices too risky for their businesses.
Many organizations also see IT security risks in using new technology. As a result, 21% of GCC companies’ representatives (23% globally) see cloud technologies as a threat, while 41% in GCC (42% globally) are reluctant to introduce innovations in general.
IT specialists believe the major threats in the future will come from malicious programs and targeted hacking attacks. The respondents predict that cyber threats will become more and more of an issue for business: only 15% of organizations globally see them as a present danger, while 46% globally see them as a major risk to their businesses in two years’ time. The situation is different in GCC, where IT managers’ awareness is considerably higher - 40% of respondents already consider cyber threats as one of the top-three critical business risks to their organization. However, apparently they hope for the better, since only 31% of them see cyber threats as one of the top-three developing business risks in two years' time.