Study Reveals 8 in 10 Companies Suffered Web-Borne Attacks

New Data Shows Phishing, Spyware and Keyloggers are Extremely Disruptive to Businesses, and Large Companies are the Most Vulnerable to Data Loss and Malware

Broomfield, CO – March 28, 2013

A new Web security study finds that the vast majority of organizations that allow employees to freely access the Web are experiencing high rates of malware threats, including phishing attacks, spyware, keyloggers and hacked passwords. Conducted by Webroot, a leader in delivering Internet security as a service, the study reveals that Web-borne attacks are impacting businesses, with the majority of them reporting significant effects in the form of increased help desk time, reduced employee productivity and disruption of business activities. To mitigate these significant business risks a properly layered defense with effective endpoint and Web security and monitoring needs to be in place.

Top-level corporate study findings:

  • 8 in 10 companies experienced one or more kinds of Web-borne attacks in 2012
  • 88% of Web security administrators say Web browsing is a serious malware risk
  • Phishing is the most prevalent Web-borne attack, affecting 55% of companies

The study, which surveyed Web security decision-makers in the United States and United Kingdom, found an overwhelming 79% percent of companies experienced Web-borne attacks in 2012. These incidents continue to represent a significant threat to corporate brands. Results show that almost all of the Web security administrators agreed that Web browsing is a serious malware risk to their companies. Despite the obvious awareness of the risks, only 56% of participants said they had implemented Web security protection and more than half of companies without Web security had Web sites compromised.

"Protecting against Web-borne malware should be a high priority for all organizations since once inside a network, the propagation of malware can take down the entire company, effectively disabling an organization," said Sara Radicati, President and CEO at Radicati Group. "Finding a balance between providing employees Web access and ensuring corporate information security requires a solid Web security solution and is an essential requirement for companies to avoid this costly liability."

The major trends that are driving businesses and information technology today-mobility, social networking, BYOD and cloud computing-are also making organizations more susceptible to security attacks. More than ever, cybercriminals are taking advantage of these Web-based vulnerabilities, making the threat landscape more challenging. According to the results, phishing represents one of the fastest-growing causes of breaches and data loss as cybercriminals become progressively adept at luring users into divulging sensitive corporate data.

"It's no surprise that the latest study shows that attacks are increasing in frequency, complexity and scale. Organizations need to implement layered defenses from the endpoint to the network to understand not only what is happening but where the attacks are manifesting from and when," said David Duncan, Chief Marketing Officer at Webroot. "Given that instantaneous attacks are morphing constantly and are eluding traditional detection mechanisms, organizations require a cloud-based solution that is effective in this new environment, as well as easy to deploy, quick to respond and flexible to address today's sophisticated cyber-threats."

What can organizations do?

The new "Web Threats Expose Business to Data Loss" report provides a comprehensive analysis of the current Web-based vulnerabilities, and includes steps to reduce the risks associated with this rapidly changing threat landscape. The full report is available at http://www.webroot.com/web-security-report-2013.

About the Research

In 2012, Webroot commissioned a study to measure the prevalence of Web-borne attacks and identify factors that mitigate the consequences. The scope of the research included companies with 100 to 4,999 employees that currently have a Web security solution or plan to implement one in 2013. From December 20 through December 24, 500 Web security decision-makers (404 in the US and 96 in the UK) completed the online survey hosted by Qualtrics. Research Now provided respondents from their online panel of IT and business executives, and Lawless Research provided quantitative data analysis. The margin of error for the study is +/- 4.4 percentage points at the 95 percent level of confidence.


©2014 Webroot Inc. All rights reserved. Webroot, SecureAnywhere, and Webroot SecureAnywhere are trademarks or registered trademarks of Webroot Inc. in the United States and other countries.

ACERCA DE WEBROOT

Webroot® is the market leader in cloud-based, real-time internet threat detection for consumers, businesses and enterprises. We have revolutionized internet security to protect all the ways users connect online. Webroot delivers real-time advanced internet threat protection to customers through its BrightCloud® security intelligence platform, and its SecureAnywhere™ suite of cloud-based security products for endpoints, mobile devices and corporate networks. Webroot protege a más de 7 millones de consumidores, 1.5 millones de usuarios empresariales y 1.3 millones de usuarios de dispositivos móviles. Market-leading security companies, including Cisco, F5 Networks, GateProtect, HP, Microsoft, Palo Alto Networks, Proofpoint, RSA and others choose Webroot to provide advanced Internet threat protection for their products and services. Founded in 1997 and headquartered in Colorado, Webroot is the largest privately held internet Security Company in the United States – operating globally across North America, Europe and the Asia Pacific region. For more information on our products and services, visit www.webroot.com.