Webroot® Research Finding: Web Threats are More Pervasive than Email Threats Yet Businesses Fail to Protect Against Them

Eighty-five percent of malware is now distributed through the Web; current security measures leave businesses vulnerable

Boulder, CO – September 22, 2008

Webroot, a leading provider of security solutions for the consumer, enterprise and SMB markets, today released primary research revealing the impact of Web 2.0 on the enterprise. An overwhelming 85 percent of malware is now distributed through the Web, Webroot found, but businesses are not adequately protecting themselves against Web-borne viruses, spyware and employee behavior that lead to security breaches, loss of intellectual property and release of confidential data.

"Businesses are taking measures to protect against e-mail-based threats, but they are not yet attuned to the greatest threat vector today: Web-based threats driven by employee Web use," Mike Irwin, COO, Webroot. "We found that Web-borne malware increased over 500 percent in 2007 as cybercriminals developed new ways to attack on-site and remote employees through personal Web mail accounts, social networking sites and other Web 2.0 applications. In the current threat environment, businesses must utilize a Web security solution that provides an additional layer of in-the-cloud protection for corporate and mobile users."

Webroot also found that while businesses now depend on Web applications to execute critical functions including customer support, research and ad campaigns, IT professionals are not adequately aware of the Web 2.0 world or the new set of threats it has introduced. Only 15 percent of the businesses Webroot surveyed reported solid enforcement of Internet usage policies to reduce their organizations' vulnerability. Industry research shows 49 percent of businesses allow employees unlimited access to social networking sites, which do not monitor their content for malware. Further, more than 85 percent of organizations still rely solely on desktop defenses which do not scan for malware in inbound Web traffic.

"Employees and businesses regularly use blogs, Wikis and other online information sources that are more susceptible to hackers and infections because they include content from numerous anonymous contributors, rather than one trusted source," added Irwin. "However, awareness is only just beginning to grow among the IT professionals responsible for protecting these organizations. Nearly 30 percent of the IT decision-makers we surveyed did not know if their organization or its employees are using Web 2.0 applications. For better security, businesses must educate employees and use appropriate technology to monitor and manage their Web activity in order to minimize risk."

Webroot studied Web-related threats and how businesses defended against them over the past 12 months. Webroot surveyed 648 Web security product decision-makers in businesses across Australia, the United Kingdom, Canada and the United States.

Key Findings at a Glance:

The Web Is Now the Number One Attack Vector

  • One out of four businesses reported a Web-based threat compromised confidential information, threatened online transactions or caused a Web server outage 
  • For the vast majority of respondents, Web-based threats were a greater source than e-mail-based threats for viruses and worms, spyware and security breaches

Employees’ Online Behavior Puts Businesses At Risk

  • Three out of 10 organizations reported their businesses’ Web security was compromised by employees using personal Web mail accounts, visiting social networking sites and downloading videos
  • Over a third of respondents estimate employees spend at least an hour per day on non-work-related sites

Employee Internet Usage Policies and Awareness Are Not Enough

  • Nearly half the businesses surveyed expressed concern about data breaches• 
  • One out of five respondents did not know which compliance laws apply to their business
  • Only 15 percent of respondents gave enforcement of their Internet usage policy an "A"

Web Applications are Critical to Business

  • Web-based applications are extremely or very important for providing customer support at nearly half of the businesses surveyed
  • Forty-four percent of respondents reported access to Web-based CRM, human resources and benefits applications are extremely or very important for their business
  • Using the Web for marketing purposes is extremely or very important to over 44 percent of respondents

©2014 Webroot Inc. All rights reserved. Webroot, SecureAnywhere, and Webroot SecureAnywhere are trademarks or registered trademarks of Webroot Inc. in the United States and other countries.

ÜBER WEBROOT

Webroot® is the market leader in cloud delivered security software as a service (SaaS) solutions for consumers, businesses and enterprises. We have revolutionized Internet security to protect all the ways you connect online. Webroot delivers real-time advanced internet threat protection to customers through its BrightCloud® security intelligence platform, and its SecureAnywhere™ suite of cloud-based security products for endpoints, mobile devices and corporate networks. Webroot sichert 7 Millionen Konsumenten, 1,5 Millionen geschäftliche Nutzer und 1,3 Millionen mobile Nutzer. Market leading security companies, including Cisco, F5, gateprotect, Palo Alto Networks, RSA, SOTI, Telenor, and others choose Webroot to provide advanced Internet threat protection for their products and services. Webroot wurde 1997 gegründet, hat seinen Hauptsitz im US-Bundesstaat Colorado und ist das größte, nicht börsennotierte Internet-Security-Unternehmen in den Vereinigten Staaten, das weltweit in ganz Nordamerika, Europa und der Region Asien-Pazifik tätig ist. For more information on our products and services, visit www.webroot.com.