Tag Archives: stats

SMB Social Media Risk Index – Panda Security’s Surprising Findings

image The success of the email delivered “Here you have” worm that clogged email systems on Thursday, despite the usual misspelling, grammatical, and punctuation errors, seemed to bewilder many in the security community. Frankly, I’m surprised that the community was surprised.

It seems to me, that any security honcho worth his salt (someone who makes a point of getting out in the field occasionally to observe user behavior), would be more than aware, that despite constant warnings NOT to click on embedded links, the majority of users blithely ignore this critical advice.

The following are a few comments I heard at a meeting over the weekend, during which “here you have”, was a topic of much discussion.

“Social scientists need to sit down with a group of these dumb dicks who clicked on the link in this email, and study their behavior.”

“Most users continually show that they are morons. They can’t follow the most basic instruction – DON’T CLICK ON EMBEDDED LINKS!”

“Users who fell for this, and who caused so much disruption in their organization, should be restricted to a pocket calculator on the job.”

The comments might sound slightly edgy, but when perceived stupidity cost money, “edgy” might be at the lower end of the spectrum. And, there are costs –direct monetary costs that a company will be forced to deal with, following penetration of a company system caused by irresponsible employee behavior.

So, what do you think the costs to an organization might be, where employees fail to follow common sense rules when interacting with the Internet, particularly social networking sites?

Panda Security, which released the results of its 1st Annual Social Media Risk Index today, for small and medium sized businesses, may well have one answer.

In this survey of 315 US small and medium businesses (up to 1,000 employees), which focused on the month of July, 2010, Panda found that more than a third of surveyed  companies which had been infected through employee interaction with social networking sites, reported losses in excess of $5,000.

I was not at all surprised to see that Panda found that Facebook was cited as the top culprit for companies that experienced malware infection (71.6 percent) and privacy violations (73.2 percent).

I was however, surprised to see this – “we were pleased to see that the majority of companies already have formal governance and education programs in place. These types of policies combined with up to date network security solutions are required to minimize risk and ultimately prevent loss.”

A confused observation in my view, given that the facts show – these “education programs”, are NOT working.

Additional survey facts:

Thirty-three percent of SMBs have been infected by malware propagated via social networks; 23 percent cited employee privacy violations on popular social media sites.

Thirty-five percent of SMBs infected by malware from social networks have suffered financial loss.

Facebook takes top spot for social networking-related malware infections, followed by YouTube and Twitter.

You can find the complete survey here. Or, you can view a slideshow on the study’s results here.

About Panda Security;

Founded in 1990, Panda Security is the world’s leading provider of cloud-based security solutions with products available in more than 23 languages and millions of users located in 195 countries around the world.

Panda Security was the first IT security company to harness the power of cloud computing with its Collective Intelligence technology.

For more information, visit Panda US.

1 Comment

Filed under cybercrime, downloads, FaceBook, Free Anti-malware Software, Freeware, Interconnectivity, Online Safety, Panda Security, Reports, social networking, Software, Windows Tips and Tools

Panda Security’s Latest Survey Shows Small Business Fails At Data Security

image I’ve been working on an article for some time, investigation whether small business is up to the task of protecting your personal information; particularly your financial data (credit card, debit card, details), following a consumer transaction.

The background research has revealed a sobering reality – many small and medium sized businesses really suck at protecting their customers’ critical financial information.

So, when I had the opportunity to read Panda Security’s study (released yesterday), of security in SMBs (including 1,500 US SMBs), which showed that a startling percentage of US based SMBs just don’t get the security equation, I was not in the least bit surprised.

Look at these stats from the survey:

The infection ratio at U.S. companies has slightly increased since last year (46 percent in 2010 compared to 44 percent in 2009). It has dropped in Europe (49 percent in 2010 compared to 58 percent in 2009).

Viruses are the most popular threat SMBs are encountering (45 percent), followed by spyware (23 percent).

Thirty-six percent of US SMBs use free consumer security applications.

Unbelievably, 13 percent have no security in place!

Thirty-one percent of businesses are operating without anti-spam

Twenty three percent have no anti-spyware.

Fifteen percent have no firewall.

Participants: The survey consisted of companies with between 2 and 1,000 computers. 1,532 in the United States participated in the survey, and nearly 10,000 in total across the U.S., Europe, Latin America and North America.

The next time you use your credit/debit card at your local Butcher, Baker, or Candlestick Maker, consider carefully the risks involved. It might be prudent to inquire whether the business operates in a twenty first century security environment.

Yes, I know, you might see this as an overreaction – but it’s hardly that. Unless we, as consumers, force the issue, many SMBs will continue to operate with their heads up their in the cloud – unfortunately, not in the security cloud.

I’ll tell you a little secret – I never use my credit, or debit card, when transacting business with a small local merchant. It’s not the small monetary loss that concerns me, since the card issuer sets my liability limit at $50. Instead, it’s the more critical information that can be stolen and used in identity theft.

About Panda Security;

Founded in 1990, Panda Security is the world’s leading provider of cloud-based security solutions with products available in more than 23 languages and millions of users located in 195 countries around the world.

Panda Security was the first IT security company to harness the power of cloud computing with its Collective Intelligence technology.

For more information, visit Panda US.

A PDF version of the full report is available here.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

6 Comments

Filed under cybercrime, Don't Get Scammed, Don't Get Hacked, Free Anti-malware Software, Interconnectivity, Malware Advisories, Panda Security, Point of View, Windows Tips and Tools