SOURCE: M86 Security

M86 Security

June 29, 2011 07:00 ET

New Survey From M86 Security and Osterman Research Reveals Enterprises Accept Malware Attacks as Cost of Business

Firms Believe Their IT Security to Be Sufficient Even With Increased Attacks

ORANGE, CA--(Marketwire - Jun 29, 2011) - New data shows that while cybercriminals are becoming more sophisticated, targeted and dynamic, organizations of all sizes are challenged to successfully protect their employees, data and networks, but seem to be accepting cybercrime as a fact of life. According to a new survey by M86 Security, conducted with Osterman Research, 49% of responding companies acknowledged that security breaches occurred but accepted them as a cost of business. The study, entitled, "The Global Malware Problem: Complacency Can Be Costly," showed that malware problems continue to rise, with 27% of respondents stating that malware problems increased in the past 12 months, and 64% responding that malware problems remained the same. The survey is part of M86 Security's continuing efforts to educate organizations on the impact of cybercrime and malware.

"With more than 78% of organizations experiencing malware breaches during the last 12 months, it's clear these attacks are becoming a part of the fabric of the Internet," said Michael Osterman, president of Osterman Research. "What's surprising is the degree of complacency -- often driven by lack of budget or adequate information -- these companies exhibit in light of the uptick and complexity of the recent cyber attacks -- even among those tasked with caring for data which can include customer information and intellectual property. The pervasiveness of malware demonstrated in this study indicates a real need for businesses to educate themselves on the latest threats, in order to protect against serious security breaches."

The survey was conducted in May 2011 to assess how serious the malware concern was in today's state of global cybercrime. It represented a cross-section of industries with 92% of respondents as decision makers and influencers in their organizations' IT departments. The average number of employees at the responding organizations was just over 10,000.

"Cybercrime as a 'business' has exploded," said John Vigouroux, CEO, M86 Security. "This survey confirms that ease of entry, the sophistication of modern malware and the reliance, for many organizations, on antiquated security technologies provides an open door for cybercriminals. What was surprising was that the majority of businesses felt they were better protected than other organizations while experiencing the same number of attacks as their peers."

Key survey findings include:

  • Malware from the Web is the No. 1 Security Concern: According to the report, 77% of respondents revealed the Web to be the biggest malware concern. Even with this high level concern of malware, surprisingly, half of the respondents were confident in their current security solution, despite the fact that 78% of the organizations surveyed had experienced at least one malware attack during the preceding 12 months.

  • Security Attacks are More Common Than Not: Respondents had "experienced a median of five attacks during the past twelve month period." This means that the typical organization experiences a malware attack every 73 days. The number of attacks varied greatly among the different industries. Those impacted the most were the "educational institutions, which had a median of 12 attacks during the same period as well as the financial services and government organizations, which had a median of four and 10 attacks, respectively, during the previous 12 months."

  • Security Incidents Come with Financial Costs: Of the 70% of organizations that reported some financial loss following a malware attack, 59% of respondents told us the cost of an attack was up to $50,000. Specifically, 82% of financial services organizations reported a financial impact resulting directly from a malware attack.

The research also covers information on the sources of cyber-attacks, the direct and indirect costs of attacks and the cost of remediation, and organizations' concerns about the increased use of mobile devices and social media and its effect on security. The report, along with other valuable information on cybercrime can be found at a special cybercrime website set up by M86 Security, at

About Osterman
Osterman Research provides timely and accurate international market research, cost data, cost models, benchmarking information and other services to technology-based companies. We do this by continually gathering information from IT decision-makers and end-users of information technology. We analyze and report this information to help companies develop and improve the products and services they offer to these markets or to internal customers.

About M86 Security
M86 Security is the global expert in real-time threat protection and the industry's leading Secure Web Gateway provider. The company's hardware, virtual appliance, software, and Software as a Service (SaaS) solutions for Web and email security protect more than 25,000 customers and 26 million users worldwide. M86 products use patented real-time code analysis and behavior-based malware detection technologies as well as threat intelligence from M86 Security Labs to protect networks against new and advanced threats, secure confidential information, and ensure regulatory compliance. The company is based in Orange, California with international headquarters in London and development centers in California, Israel, and New Zealand. For more information about M86 Security, please visit:

Follow M86 Security on Twitter at:
Facebook at:
M86 Security Labs Blog at:

Contact Information

  • Media Contact:
    Jan Wiedrick-Kozlowski
    Activa PR for M86 Security
    Email Contact