Not enough time or money is available to develop IT security policies and as a result, IT decision makers feel they do not have organized, systematic processes in place to deal with cyber threats, a new survey said.
Sixty percent of IT decision makers worldwide time and money are lacking for them to develop true IT security, according to the “Global Corporate IT Security Risks: 2013” survey, conducted by B2B International for Kaspersky Lab.
In addition, only 28 percent of educational institutions are confident they have sufficient investment in IT security, and only 34 percent of government and defense organizations said they have enough time and resources to develop IT security policies.
While knowing they still lack a solid security program, the attacks still occur with 91 percent of companies surveyed said they had at least one external IT security incident in the past 12 months. A serious security incident costs large companies an average of $649,000, and for small to medium-sized companies, serious incidents cost an average of $50,000.
Knowing some of the numbers, 28 percent of companies think the costs of guarding against cybercrime are greater than the potential losses, according to the survey results.
“IT security incidents can cause real financial and reputation damage,” the report said. “These losses can significantly exceed the cost of putting in place IT security tools which would help to avoid leaks of important data, downtime and other unplanned expenses. This is why it is important to invest in the security of the corporate IT infrastructure.”
Click here to download the survey.