Six out of ten companies have experienced IT security breaches in the last three years, study finds

About six out of ten companies have suffered a computer security breach in the last three years, and a third of IT security professionals who have not had any incidents say they are very likely to be victims without knowing it, Global study of Bitdefender.

The share of companies that have experienced incidents in the first six months of 2019 is about 25 percent, compared to 32 percent for the whole of last year.

The employee as the weakest link

More than half of IT security specialists are concerned about the overall level of readiness of companies to cope with a global attack, which is not surprising considering that 57 percent say that those in management comply the least with IT security policy.

Most often, executives are reluctant to IT security policies, trying to either delay or disregard them after they come into force as they consider themselves to be exempt from the rules. In addition, one third of respondents found that employees in the companies where they work lack basic computer security knowledge. That is why 49 percent of respondents say that their concerns about the imminent cyber attack on the organization causes them stress at home too, largely because of constraints related to budget and the qualified personnel.

Read more about

Arctic Stream and Data Core Systems form a strategic alliance in IT and Cybersecurity market

read more

“The lack of resources is such a major stress factor that many IT security specialists have considered resigning. Insufficient investments in security are the main obstacle to building a stronger position against increasingly sophisticated computer attacks. Poor security is undoubtedly a major threat to any business,” says Liviu Arsene, a computer security specialist at Bitdefender.

Reputation by budget

The speed with which attacks are detected and isolated is a key factor in diminishing the scale of an attack, according to the IT security specialists questioned in the study. But one in three says it would take a week or more to detect an advanced computer attack. Consequences of an undetected breach may be disruption of business activity (43 percent), reputational costs (38 percent) and decreased sales (37 percent), but the biggest concern is the loss of customer confidence.

“Breaches can irreversibly affect customers’ confidence in the goods and services offered by a company. Examples of real cases of breaches of competitors can be a good tool to initiate discussions with the management on the topic of computer security and also to justify the additional expenses necessary to secure the IT infrastructure. Security managers can now provide concrete evidence to management that, without a proper budget, it is only a matter of time before the infrastructure is compromised,” says Liviu Arsene.

The survey was conducted in July 2019 on a representative sample of over 6,000 computer security specialists from Europe, the US and Australia, working in companies with more than 10,000 employees.