Sixth Annual IT Security Survey: Incidences of Unauthorized Intrusions of Large Companies Increased Significantly in 2010 After a 15 percentage point decline in 2009 versus 2008, this year's 26 percentage point increase to the highest level reported since 2005 reflects setback in fight against intrusions/hackings for companies with over 5,000 employees
BOCA RATON, Fla. and ALBUQUERQUE, N.M., Oct. 12 /PRNewswire/ -- According to the Sixth Annual Enterprise IT Security Survey of 350 IT managers and network administrators commissioned by VanDyke Software® and executed by Amplitude Research® that examines best practices in enterprise intrusion defense, there was a significant increase in 2010 compared to 2009 in the proportion of large companies reporting an intrusion of their user machines, office network, and/or servers – 67% in 2010 vs. 41% in 2009.
The 26 percentage point increase in 2010 versus 2009 is particularly noteworthy as last year 41% of large companies reported intrusions compared to 56% in 2008.
Between 2005 and 2008, the proportion of large companies reporting an intrusion ranged from 51% to 58%. This year's 67% is the highest level reported since 2005.
For other company size categories, the proportion reporting an unauthorized intrusion was fairly steady between 2009 and 2010.
- Among "midsize" companies (1,000 to 4,999 U.S. employees), the proportion reporting an intrusion was 57% in 2009 and 59% in 2010.
- Among "small" companies (100 to 999 U.S. employees), the proportion reporting an intrusion was 45% in 2009 and 43% in 2010.
- Among "micro-size" companies (fewer than 100 U.S. employees), the proportion reporting an intrusion was 25% in 2009 and 25% in 2010.
- At the same time, the proportion experiencing intrusions did not change significantly between 2008 and 2009 for micro, small, and midsize companies.
Intrusion Sources Identified by IT Managers and Network Administrators
New in the 2010 survey commissioned by VanDyke Software, those who experienced an intrusion were asked to describe in their own words what they believed or suspected primarily caused or contributed to past intrusions. The following types of responses emerged most often:
- Hacker / network attack (14%)
- Lack of adequate security policies / measures (12%)
- Employee web usage (10%)
- Virus / malware / spyware (9%)
- Other employee carelessness / negligence (8%)
- Unauthorized access by current / former employees (6%)
- Weak password policy (5%)
- Lack of software updates (5%)
- Software security flaw / bug (5%)
It was still true in 2010, as in 2007 through 2009, that the intrusions reported often had a potentially "high" or "medium" financial impact and/or intruders may have obtained sensitive information.
Another new, open-ended question for this year's survey was asked of all respondents about the "biggest risks for intrusions" of user machines, servers, or office networks in the future. The following emerged most often:
- Viruses / spyware / malware / Trojans / worms / spam (25%)
- Hacking (17%)
- Employee / user error / carelessness / uneducated about security (12%)
- Disgruntled employees / internal unauthorized access / sabotage (5%)
- Theft / loss of data / information / leaks (5%)
The 2010 study was administered by Amplitude Research over the period September 13th to September 16th, 2010 among its nationwide technology panel. In total, 350 surveys were completed by respondents who confirmed working as an IT executive, IT manager or network administrator for their company / organization.
For a copy of an executive summary of this year's survey findings, contact Michael Krems of KremsPR at firstname.lastname@example.org.
About Amplitude Research, Inc.
Amplitude Research® is a full-service online survey company headquartered in Boca Raton, Florida, specializing in B2B and technology market research surveys. Amplitude's Panelspeak® Web Panel delivers high quality sampling among business executives, small business owners, IT managers, network administrators, software developers, web developers and other IT professionals. The name "Amplitude" Research and its tagline "loud and clear" signify Amplitude's expert survey design, survey administration, data analysis and reporting services tailored to each client's needs. For more information about Amplitude Research, visit the company's website at http://www.amplituderesearch.com.
About VanDyke Software, Inc.
Busy IT professionals depend on VanDyke Software® to deliver rock-solid, easy-to-configure software for secure remote access, secure file transfer, terminal emulation, and remote administration. VanDyke offers a fully-supported 30-day evaluation of its products prior to purchase, providing both evaluators and customers with a higher level of service. The company's product offerings include the SecureCRT® Secure Shell terminal emulator, the SecureFX® secure file transfer client, the VanDyke ClientPack, and the VShell® Secure Shell server. The company in 2010 celebrated its 15th anniversary. For more information about VanDyke Software, visit the company's website at www.vandyke.com.
SOURCE VanDyke Software, Inc.