Information technology organisations, which have 51 to 1,000 employees, are slashing their security budgets even as cyber threats are on the rise, according to McAfee?s report ?The Security Paradox?. The study found that more than half the companies surveyed have seen more security-related incidents in the past year (63%) and one in five mid-size organisations around the world have reported a single incident that cost an average of $41K as loss of revenue.
This paradox is largely because companies are under the impression that hackers prefer to target larger companies. Almost half the global organisations surveyed (43%) think larger organisations, with over 501 employees, are at the highest risk of a security attack, whereas, organisations which have less than 500 employees actually suffer from more attacks.
The study reveals that 70% of the companies in India reported spending more than a day on recovering from IT security attacks and are now becoming increasingly aware of the threats to IT security. Research shows that organisations that had put in more efforts on preventing attacks can end up spending less than a third of what companies which allow themselves to be at risk do. Thus, adopting preventive security measures should be taken as a serious concern by every organisation, said Kartik Shahani, regional director for India, McAfee, Inc.
McAfee?s study also says that 81% of the organisations surveyed spend less than four hours a week on IT security proactively and, around 70% of them spend more than a day recovering from IT security attacks. The threats and responses vary greatly from country to country, but on an average, the countries where companies invested the least time on prevention, including Canada and France, suffered the greatest financial losses and downtime from cybercrime, requiring a week or longer to recover from their most recent cyber attack.