Sixty-nine percent of IT professionals experience phishing attacks at least once a week, with customer data cited most often as the type of data attacked, followed by financial information.
In addition, the survey by research organization Ipsos Observer and sponsored by HP TippingPoint found that seven out of ten attacks generated within the network perimeter stem from a malware-infected host, highlighting the importance of taking a layered approach to security to block suspicious communications at every point on the network—from the perimeter to the core.
“Organizations are increasingly challenged to protect their networks from advanced targeted attacks; in fact, it is likely that most environments have already been breached with systems infected by malware,” says Frank Mong, vice president, Solutions, Enterprise Security Products, HP. “It’s important that IT professionals understand how attackers are trying to break through the network, and have confidence in their ability to mitigate attacks when every second matters.”
Based on the Ipsos Observer survey of more than 200 U.S. based IT professionals, the new study also yielded the following findings:
• Approximately six out of ten attacks stem from malicious communication with the command and control site, and over half are taking advantage of a software vulnerability. Top threats relative to these new attacks are primarily within the data center, mobile, and branch networks.
• Among the organizations surveyed, China is stated most often as a country of origin for external network attacks, followed by Russia and the United States.
• Eighty-five percent of survey respondents indicate concern for illicit file sharing and use of nonwork-related applications; 63% are concerned with employees visiting adult-only websites on the corporate network.
• Roughly seven in ten claim that social media is a type of abuse occurring on their corporate network.
• In the event of a network breach, 67% of survey respondents listed customer data as the most likely to be attacked, followed by the company’s financial information (63%). Other data at risk includes corporate intellectual property (59%) and employee data (49%).
• As companies look to adopt software-defined networking, 54% indicated network manageability as a top concern, while 44% are concerned with an attacker compromising the SDN controller.
• On average, enterprises are spending approximately $2.6 million annually on network security, and more than 60% of IT professionals surveyed expect to increase spending in the next year.