Symantec has found that the majority of enterprises have experienced a cyber attack in the past year, and the attacks on average cost £1.3 million
Yet despite the high staffing numbers, it seems that enterprise security is becoming more difficult due to a number of factors including (somewhat incredibly) understaffing, as well as new corporate initiatives that makes providing security more difficult. Problematic initiatives include infrastructure-as-a-service, platform-as-a service, server virtualisation, endpoint virtualisation, and software-as-a-service (SaaS).
Symantec has issued the usual advice that enterprises should secure their endpoints, messaging and web environments, as well as defend critical internal servers. Proper back up and recovery solutions should also be in place.
However the security vendor also believes that organisations “need the visibility and security intelligence to respond to threats rapidly,” and that IT admins “need to protect information proactively by taking an information-centric approach to protect both information and interactions.”
“Taking a content-aware approach to protecting information is key in knowing where sensitive information resides, who has access, and how it is coming in or leaving your organisation,” said the company.
The Symantec study is based on surveys of 2,100 enterprise CIOs, CISOs and IT managers from 27 countries.