McAfee reports on the IT security struggles of midsize businesses. Though more than half of businesses surveyed said they have seen more security incidents in 2009 than 2008, 75 percent reported having to cut or freeze their IT security budgets.
Midsize businesses are slashing their security budgets even as cyber-threats
continue to grow, according to a report from McAfee.
In a survey of 900 employees of midsize businesses around the globe
conducted by MSI International, 75 percent
of the respondents reported cutting or freezing their IT security budgets in
2009. At the same time, 56 percent of the respondents reported seeing more
security incidents this year than last, and 29 percent admitted to suffering
a data breach
in the past year.
"More than 90 percent of people surveyed in companies with 500
employees or fewer feel protected from cyber-attacks, even though the evidence
is hardly on their side," said the McAfee report, entitled "The
Security Paradox." "The truth is that companies with fewer than 500
employees suffer more attacks on average than their larger counterparts. Of the
midsize organizations that have had security breaches, those with 101 to 500
people have had roughly 24 incidents in the past three years, compared to only
15 incidents for organizations with 501 to 1,000 employees."
IT security spending is expected to increase significantly. Click here to read
The authors continued, "Our research shows that in the past year
midsize organizations in the United States
have spent a total of $17.2 billion fixing IT security incidents. On average,
in 2008 a single midsize organization in the United
States spent more than $75,000 a year on IT
About 60 percent of the U.S.
respondents said it had taken their businesses more than a day to recover from
their most recent cyber-attack. That number stood at 86 percent in China
and 70 percent in India.
Overall, McAfee found that 65 percent of surveyed midsize organizations
worldwide spend less than 4 hours a week on proactive IT security.
security takes proper planning. To read more, click here.
"An organization's level of worry and awareness about increasing
threats has not overcome the downward pressure on budgets and resources," Darrell
Rodenbaugh, senior vice president of global midmarket for McAfee, said in a
statement Oct. 28. "But this creates a vicious cycle of breach and repair
that costs far more than prevention. Our research shows that organizations that
put more effort on preventing attacks can end up spending less than a third as
much as those that allow themselves to be at risk."