Boulder, Colo., September 22, 2008
Webroot, a leading provider of security solutions for the consumer, enterprise and SMB markets, today released primary research revealing the impact of Web 2.0 on the enterprise. An overwhelming 85 percent of malware is now distributed through the Web, Webroot found, but businesses are not adequately protecting themselves against Web-borne viruses, spyware and employee behavior that lead to security breaches, loss of intellectual property and release of confidential data.
"Businesses are taking measures to protect against e-mail-based threats, but they are not yet attuned to the greatest threat vector today: Web-based threats driven by employee Web use," Mike Irwin, COO, Webroot. "We found that Web-borne malware increased over 500 percent in 2007 as cybercriminals developed new ways to attack on-site and remote employees through personal Web mail accounts, social networking sites and other Web 2.0 applications. In the current threat environment, businesses must utilize a Web security solution that provides an additional layer of in-the-cloud protection for corporate and mobile users."
Webroot also found that while businesses now depend on Web applications to execute critical functions including customer support, research and ad campaigns, IT professionals are not adequately aware of the Web 2.0 world or the new set of threats it has introduced. Only 15 percent of the businesses Webroot surveyed reported solid enforcement of Internet usage policies to reduce their organizations’ vulnerability. Industry research shows 49 percent of businesses allow employees unlimited access to social networking sites, which do not monitor their content for malware. Further, more than 85 percent of organizations still rely solely on desktop defenses which do not scan for malware in inbound Web traffic.
"Employees and businesses regularly use blogs, Wikis and other online information sources that are more susceptible to hackers and infections because they include content from numerous anonymous contributors, rather than one trusted source," added Irwin. "However, awareness is only just beginning to grow among the IT professionals responsible for protecting these organizations. Nearly 30 percent of the IT decision-makers we surveyed did not know if their organization or its employees are using Web 2.0 applications. For better security, businesses must educate employees and use appropriate technology to monitor and manage their Web activity in order to minimize risk."
Webroot studied Web-related threats and how businesses defended against them over the past 12 months. Webroot surveyed 648 Web security product decision-makers in businesses across Australia, the United Kingdom, Canada and the United States.
Key Findings at a Glance:
The Web Is Now the Number One Attack Vector
Employees’ Online Behavior Puts Businesses At Risk
Employee Internet Usage Policies and Awareness Are Not Enough
Web Applications are Critical to Business