Illusive Blog March 31, 2016

Kaspersky's 2015 IT Security Risks Survey | 5 Key Takeaways

By The Illusive Networks team


International software security group Kaspersky Lab recently published their findings from the 2015 Global IT Security Risks Survey, which included responses from 5564 IT professionals across 38 countries.

In the report, Kaspersky analyzes the state of IT security and pinpoints key areas of concern in 2015; here are the 5 highlights we found:

1. Security is Becoming an Increasing Priority

Although concerns with data breaches and IT security are nothing new, findings from this survey suggest that network security is a major priority for businesses of all sizes. In fact, “50 percent of IT professionals listed security as a top three concern.”

When you consider the numerous areas of operations that companies must contend with, it’s fair to say that this is a significant number. Tweet: Did you know? 50% of #IT pros list #CyberSecurity among their chief concerns »

2. An Underlying Dissatisfaction with Security

Despite a heightened concern with security, a large number of companies are less than pleased with their IT security.

More specifically, “almost half of organizations surveyed (47 percent) felt their IT security didn’t meet expectations when it came to safeguarding financial transactions—and 32 percent believe they’ve been the subject of a targeted attack at some point.”

Although IT security is a concern, these findings show that there’s still much that can be done in terms of data breach security, and there’s plenty of room for improvement.

3. There is an Alarming Number of External Threats

One statistic in particular from this survey that’s especially alarming was the fact that “over 90 percent of businesses have experienced some form of external threat in the past year.” Of these external data breach threats, 22% of businesses lost data as a result.


While many of these threats were only minor, this should nonetheless be disturbing to any organization that uses the Internet in any capacity. The problem is that it’s not just big name companies experiencing data breaches—they occur at organizations of all sizes, and no one is immune.

4. The Cost of Data Breaches

When you combine data-loss, stolen information, downtime, legal fees, etc., a data breach can be quite costly. While a myriad of factors exist that ultimately determine the exact cost, this survey found that “the median cost of a data breach for SMBs is $11,000; and for an enterprise organization, it’s $84,000.”

However, a more serious breach costs an SMB an average of $38,000 and a larger enterprise around $551,000.

These numbers are definitely nothing to scoff at, and can take a toll on a company financially. This doesn’t even take into consideration the potential long-term backlash that can stem from the diminished reputation that often comes with a serious data breach.

5. The Prevalence of DDoS Attacks

Distributed Denial of Service or DDoS attacks have been an issue for organizations for some time. However, the volume and complexity of DDoS attacks have increased in recent years, and they are more prevalent than ever. In fact, 50% of the businesses surveyed experienced some level of disruption due to a DDoS attack in the past year. Tweet: Did you know? 50% of businesses suffered disruption due to #DDoS attacks in the past year » #Cyber



Although IT professionals have differing views on DDoS attacks, many agree that they’re a threat that should be taken seriously – and “56 percent believe that spending money to prevent or mitigate an attack in the future would be worth the investment.”

While many of these attacks are relatively minor (e.g. increased page loading times), some result in major downtime and bring operations to a screeching halt. One of the worst was the attack on the BBC’s website, which was over 600 Gbps.

The Cybersecurity Bottom Line

The bottom line is that the threat of cyber attacks and data breaches are an ongoing issue and should be taken seriously—especially in an era of unprecedented virtualization and increased cloud migration.

By making IT security a top priority and budgeting accordingly, companies should be in a better position moving forward and can greatly minimize their risk level.

If you want to learn how illusive networks® 3.0 with Attacker View™ and Deceptions Everywhere® architecture provide unprecedented data breach protection, contact us.