McAfee pulled together responses from 495 organisations in Australia, New Zealand, the US, Canada, UK, Germany, France, Brazil and Singapore.
Findings include:
• Organisations are confident about identifying the most critical threats to their environments and knowing where their critical data resides. However, most companies are not confident about quantifying the potential financial impact of breach, should one occur.
• Most respondents say that as they develop Strategic Security Plans (SSP), they include consideration of potential threats and the associated risk to business, and financial analysis. Yet, four out of five of the companies experienced significant security incident in the past 12 months.
• Almost third of organisations surveyed have either not purchased or not yet implemented many of the next-generation security technologies that are designed to address current-day threats. Despite this, more than 80 percent of the organisations identify malware, spyware and viruses as major security threats.
• Two out of every five organisations have either an informal or ad hoc plan, or no security strategic plan in place. The size of the organisation matters when it comes to having formal SSP. Six of every 10 large enterprises have formal SSP, two out of every three mid-size enterprises have formal SSP, while this ratio dips to only one in two small enterprises.