McAfee: Most businesses in denial about security threats

McAfee: Most businesses in denial about security threats

Summary: McAfee's State of Security report explains the present challenges to IT departments when it comes to securing sensitive information in a highly regulated and increasingly complex global business environment.

TOPICS: Security, Verizon

Most companies are not confident about (or possibly afraid of) quantifying the potential financial impact of a security breach, according to McAfee's State of Security report published this week.

McAfee's latest research is intended to demonstrate how IT managers and decision-makers view the present challenges of securing sensitive information in a highly regulated and increasingly complex global business environment.

The alarming problem appears to be that there are still too many businesses that would rather not worry about security breaches until they happen, leaving them quite vulnerable to many kinds of attacks.

Researchers found that approximately one-third of the organizations surveyed have either not purchased or not yet implemented many of the next-generation security technologies designed to address current-day threats.

Yet, more than 80 percent of these businesses identified malware, spyware and viruses as major security threats.

So obviously they know the threats are out there, but either they are in some state of denial or can't afford security upgrades -- or some combination of the two.

McAfee outlined four levels of "maturity" when it comes to IT security, ranging from "reactive" (event-driven policies and actions) to "optimized" (strict policies already in place).

Curiously, only 9 percent of the companies surveyed were placed in the reactive category. Most of them fell into the "proactive," third-tier stage, which was defined as "follows standardized policies, has centralized governance, and has a degree of integration across some security solutions."

So the takeaway here would be then that many of these businesses have some sort of strategy, but they need to build upon these protocols to truly handle evolving threats.

For reference, the State of Security report is based on 495 interviews with IT decision-makers at companies with 1,000 or more employees worldwide.


Topics: Security, Verizon

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • All I know is...

    My current client spends an estimated 45 man years every year scanning .c, .h, and .s files for viruses. We recently did a study on how the current settings for virus scans impact productivity and it was sadly shocking. No wonder companies are outsourcing like mad given American businesses are being crippled by their IT departments.
    • no

      > businesses are being crippled by their IT departments

      no, if anything they're being crippled by the requirement to mitigate the threat. having a security outbreak can destroy company, purely because your management didn't want to fund either a) a better way to store your corporate assets (source code) b) faster PCs c) better security software.

      that's the management's fault, not ITs.
  • Looking at source

    At my company we dropped McAffee because they demonstrated an inability to offer and maintain adequate protection. We switched to internal proceedures and Forefront and have had significantly less issues getting into the "system".

    Based on this experience, while they may be correct, BUT, I take anything they publish with a boatload of salt.
  • It has to work

    And unfortunately McAfee products simply don't work.
    On top of that, they buy small companies and take good products (Wavesecure) and make them not work also.
    It's no small wonder they are losing so much market share.
  • mcafee

    intel has bought mcafee so now it is junk big time
  • savedrf

    www paybuybuy com