Companies still clueless on security?

Surveys find half of laptops not protected and a lack of cyber attack awareness in smaller firms.

Security

New research has found corporate laptop security lacking, while smaller firms emerged as vulnerable to cyber attack, yet unaware of their potential as targets.

A survey of 320 UK public and private sector IT managers and senior IT staff found 43 per cent did not have data or device encryption deployed to secure their business laptops and a further five per cent admitted they didn't know if encryption was in use.

The survey, conducted by eMedia, revealed only half of organisations used data encryption to protect removable media, such as USB memory sticks, removable drives and DVDs. Nearly half (44 per cent) said they had no solutions deployed to protect these devices and six per cent of respondents said they did not know if encryption was in use.

Terry Greer-King, UK managing director of Check Point Software, which sponsored the survey said: "These threats need to be addressed by a combination of education and technology so that organisations can protect their data, their business and their employees against the risks of security breaches."

A similar UK survey also carried out by internet security software firm in October 2010 found just 40 per cent of organisations had encryption deployed on their laptop, suggesting a significant proportion of businesses are still vulnerable to breaches from loss or theft of portable PCs.

These threats need to be addressed by a combination of education and technology so that organisations can protect their data.

Greer-King said new threats such as consumerisation have also emerged, and many organisations hadn't established measures to secure the use of personal laptops and smartphones in the workplace.

Nearly two thirds (61 per cent) of organisations surveyed said employees use personal devices for work (up from 55 per cent in Check Point's October 2010 survey), yet 42 per cent of the respondents said they had no formal process for deploying security to these devices, leaving corporate network at risk.

Only 17 per cent of organisations said they insisted on deploying security on personal devices used for work purposes, and 42 per cent restricted access to the organisation's network or data resources to authorised corporate devices only.

A further 73 per cent said they had not experienced an incident of data loss incident in the past 12 months, whether accidental or malicious.

Yet, despite email breaches being the second most common vector for breaches, only 32 per cent of respondents said they had any kind of data leak prevention solution to protect email traffic and sensitive files from reaching unauthorised individuals.

Another survey published today, the Symantec 2011 SMB Threat Awareness Poll [PDF], also found half of small to midsized businesses believed they were too small to be the target of cyber attacks.

Yet data from Symantec.cloud found that 40 per cent of all targeted attacks since the beginning of 2010 had been directed at companies with fewer than 500 employees, compared to only 28 per cent for large enterprises.

Over two thirds (63 per cent) did not secure systems used for online banking, while a further nine per cent admitted they took no additional online banking precautions. Nearly the same proportion (61 per cent) used neither antivirus on all desktops or mail servers or services (47 per cent).

Featured Resources

Four cyber security essentials that your board of directors wants to know

The insights to help you deliver what they need

Download now

Data: A resource much too valuable to leave unprotected

Protect your data to protect your company

Download now

Improving cyber security for remote working

13 recommendations for security from any location

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

Recommended

DeviceSHIELD combats rising cyber attacks and online fraud amid COVID-19
Security

DeviceSHIELD combats rising cyber attacks and online fraud amid COVID-19

24 Nov 2020
350,000 Spotify users hacked in credential stuffing attack
Security

350,000 Spotify users hacked in credential stuffing attack

24 Nov 2020
WAPDropper malware hooks you up to premium telecoms services
Security

WAPDropper malware hooks you up to premium telecoms services

24 Nov 2020
VMware sounds alarm over zero-day flaws in multiple products
Security

VMware sounds alarm over zero-day flaws in multiple products

24 Nov 2020

Most Popular

macOS Big Sur is bricking some older MacBooks
operating systems

macOS Big Sur is bricking some older MacBooks

16 Nov 2020
46 million Animal Jam accounts leaked after comms software breach
Security

46 million Animal Jam accounts leaked after comms software breach

13 Nov 2020
How computing has revolutionised Formula 1
Sponsored

How computing has revolutionised Formula 1

11 Nov 2020