Intrusions At Large Companies Up Sharply In 2010, Study Says

More than two-thirds of enterprises say they have experienced system intrusions in the past year, up sharply from the 41 percent that reported such intrusions in 2009.

According to VanDyke Software's Sixth Annual Enterprise IT Security Survey, which was conducted by Amplitude Research, there was a significant increase in the proportion of large companies reporting an intrusion of their user machines, office network, and/or servers.

Between 2005 and 2008, the proportion of large companies reporting an intrusion ranged from 51 percent to 58 percent, according to VanDyke. This year's 67% is the highest level reported since 2005.

For other company size categories, the proportion reporting an unauthorized intrusion was fairly steady between 2009 and 2010.

Among "midsize" companies (1,000 to 4,999 U.S. employees), the proportion reporting an intrusion was 57 percent in 2009 and 59 percent in 2010, VanDyke says. Among "small" companies (100 to 999 U.S. employees), the proportion reporting an intrusion was 45 percent in 2009 and 43 percent in 2010. Among "micro-size" companies (fewer than 100 U.S. employees), the proportion reporting an intrusion was 25 percent in 2009 and 25 percent in 2010.

When asked to name the causes of their intrusions, 14 percent of respondents attributed them to hacker/network attacks. Lack of adequate security policies was the No. 2 response, with 12 percent. When asked to name the "biggest risks" for intrusion, 25 percent of respondents named malware as the top threat. Hacking was second at 17 percent, and employee error/carelessness was third with 12 percent.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.