European businesses exposed to internet attacks due to false sense of IT security

91 percent of European IT Managers believe their company has complete or good IT security, yet 70 percent leave security gaps open to many common malicious internet threats

Independent research conducted by Dynamic Markets and commissioned by Websense, Inc, the provider of employee internet management software, today revealed that 91 percent of European IT managers believe they have complete or good IT security protection. However, only 30 percent protect themselves against some of the most common internet security risks which are identified in the survey, such as phishing attacks, spyware, hacking tools and risks associated with peer to peer (P2P) applications, as well as a host of other malware.[1] This failure to provide adequate security measures against common web-based dangers can leave more than 60 percent of European IT managers with a false sense of IT security. Not understanding the true risks can also affect IT managersí job security with 72 percent of respondents believing their jobs would be on the line if an IT security breach were to take place.

The ìStress of Securityî survey questioned 500 IT managers across Europe. Key survey findings include:

False sense of security
Known web-based threats are being ignored, with 58% protecting against less than three of the seven common web threats identified in the survey and a massive 26 percent of respondents protecting against just one:

60 percent of respondents have no measures in place to detect internal hackers,

62 percent are unable to block phishing attacks

56 percent do not prevent P2P applications from being run on the network

35 percent are unable to stop spyware from sending out potentially confidential information from their company to an external source

Eight percent of European companies have been exposed to all internet threats identified in the survey by not having security measures in place other than a basic firewall and antivirus solution.

Stress of security
One in five European IT managers in large companies find the task of protecting their companies against malicious internet security threats more stressful than starting a new job, moving house, getting married or getting divorced

Jobs at risk
72 percent of European IT managers believe their jobs might be at risk following potential IT security breaches, and an internet security breach was listed as the top concern

The perception gap
Perceived levels of security may not always mirror reality. For example, only three percent of IT managers admit they have experienced internal hacking attempts, yet 60 percent do not have software in place to detect any attacks ñ making this an invisible threat that may be taking place without their knowledge

Laptops create biggest fears
71 percent admit that corporate laptops, which are used outside the office and then reconnected to the network, pose a major security risk to their company. However, only 21 percent of companies have technical restrictions in place to secure disconnected laptops.

In fact, employees might be faced with too much responsibility for their own IT security. According to the survey, only 40 percent of companies enforce and automate internet usage policies through technology for desktops, and a mere 21 percent for laptops. With internet usage restrictions being left down to the individual to manage, employees have the freedom to access any type of website, download unknown applications, and even infect the network ñ whether intentionally or not ñpotentially putting IT managersí job security in jeopardy.

ìBusinesses can no longer rely only on antivirus software and firewalls as a safety net,î said Geoff Haggart, vice president, Europe, for Websense, Inc. ìNew web security threats such as spyware and phishing scams escalate each week, as employeesí personal and business usage of the internet increases. By protecting employees from the potential threats that are available today on the internet, businesses are also protecting themselves.î

In the ìStress of Securityî Survey, respondents were asked: ëin addition to firewall and antivirus solutions, do they have any security measures toí:

Stop spyware sending out information to external sources

Control the use of instant messaging

Block instant messaging attachments

Block the use of peer-to-peer applications

Filter internet use

Block phishing sites

Identify internal hackers