90 percent of businesses say they have fallen victim to a cyber security breach at least once in the past 12 months. That percentage isn't based on a small number either: 583 US companies participated in the questionnaire.
The data comes from a new survey of US IT and IT Security professionals, conducted independently by Ponemon Institute and sponsored by Juniper Networks. You can check out the 25-page report here: Perceptions About Network Security (PDF).
The 90 percent number is just for one breach; organizations today are experiencing multiple breaches. In fact, more than half (59 percent) of respondents cited two or more breaches in the past 12 months. Companies indicate that security breaches have cost them a least half a million dollars to address in terms of cash outlays, business disruption, revenue losses, internal labor, overhead, and other expenses. Most respondents (59 percent) report that the most severe consequence of any breach was the theft of information assets followed by business disruption.
It gets worse. Security attacks are on the rise, according to the data provided by these companies. 43 percent of respondents indicating there has been a significant increase in the frequency of cyber attacks during the past 12 months and 77 percent say these attacks have become more severe or difficult to detect/contain. As a result of these multiple breaches, more than one-third (34 percent) of respondents say they have low confidence in the ability of their organization's IT infrastructure to prevent a network security breach in the future.
It's also worth noting that only 11 percent of respondents believe they know the source of all their network's security breaches. Unsurprisingly, employee mobile devices and laptops are seen as the most likely entry point from which serious cyber attacks are unleashed against a company.
"Our survey research provides evidence that many organizations are ill-equipped to prevent cyber attacks against networks and enterprise systems," Dr. Larry Ponemon, chairman and founder of the Ponemon Institute, said in a statement. "This study suggests conventional network security methods need to improve in order to curtail internal and external threats."
"The size and complexity of today's security threats continue to intensify leaving organizations and governments vulnerable to cyber attacks," Mark Bauhaus, executive vice president and general manager of Juniper Networks Device and Network Services, said in a statement. "Business leaders need to consider a more aggressive, systemic security approach—implementing end-to-end comprehensive protection at all points in the network to help mitigate risk."