75% of Enterprises Have Suffered Cyber Attacks, Costing $2M+ On Average 81
coomaria writes "OK, even allowing for the fact this comes from a newly published study (PDF) from a security company, that's still one heck of a statistic. The fact that it's Symantec, and so has access to perhaps more enterprises than most, makes it a double-heck with knobs on. Or how about this one for size: 'every enterprise, yes, 100 percent, experienced cyber losses in 2009.'"
Full Text (Score:4, Informative)
'Article' is at best 3 paragraphs, poorly written, with advert popups.
For those who are interested, original text below.
Advertising as journalism, on slashdot (Score:4, Informative)
I'd be surprised if it's anything less than 100% (Score:5, Informative)
I seriously doubt Symantec are only counting "concerted attacks from a single original with a specific target in mind". More likely they mean "opportunistic attacks".
So, to /., I say:
Those of you who still have your hand up, well done. You've done just about all that is possible to secure your network short of giving everyone dumb terminals and your internal customers are delighted with everything you do.
Everyone else will see an attack from time to time. The whole point of a of security is you have several layers so any attack won't get far.
Re:I'm shocked (Score:4, Informative)
Unless you have data which shows something to the contrary, don't dismiss it out of hand, just like you (clearly) don't accept it on their word.
On the contrary, we live in an age where moral decadence is rampant even among professionals. Where well known drug companies create sock puppet "peer reviewed" magazines, with the sole purpose of "publishing" favorable studies for their drugs. Where "climate experts" leave out any inconvenient truth that contradicts the trend they are trying to "prove". Where "expert witnesses" in court turn out to be frauds and lie under oath.
No, today is a time when you must especially dismiss reports like this out of hand. And there are several reasons:
I doubt the CEO of any company would proudly announce how much money his company "lost" due to "cyber-attack" (yes look at us we're vulnerable/we're idiots!). It's none of Symantec's business.
Their categories are meaningless. Please explain the difference between Cyber-attacks, "Traditional criminal activities" and (of course it had to be there) "terrorism"? These are all separate categories according to their survey. Apparently 10% of all companies surveyed have been the victims of "terrorism". This does not correlate well with, say, the evening news.
They claim that on average companies are losing $2 million per year EACH. Yet the majority of companies (71%) are experiencing "no cyber attacks" or "just a few cyber attacks". Clearly these tiny attacks must be devastating.
Another section claims that 29% of respondents claim "significant" or "slight" increase in "attacks" in the past year. What they leave out is that this means 71% of respondents think there is "no increase" or some sort of "decrease". Oops.
Frankly, if you don't know how to think, you get swindled by lies like this. Symantec is out to sell "security" and in order to do that, they are willing to make you think that they are the only ones who can prevent your business from being ruined ($2 million dollars/year/large enterprise, or at least that's how they want it to sound) and that you are surrounded by enemies.
Re:Original report... (Score:4, Informative)