90% of companies underestimate the volume of malicious software

Few companies have any realistic idea of how much new malware appears every day.

July 29, 2013

Few companies have any realistic idea of how much new malware appears every day

Most companies greatly underestimate the number of new malicious programmes appearing daily, and only 6% recognise the true scale of the threat, according to the 2013 Global Corporate IT Security Risks survey conducted by analytical authority B2B International and Kaspersky Lab. According to Kaspersky Lab, nearly 200,000 new malware samples appear around the world each day. Asked to estimate this figure, 90% of global participants in the survey named a lower figure; 4% guessed too high and only 6% gave an accurate estimate.

The highest levels of malware awareness were found among respondents in the Middle East, where 24% of companies gave accurate estimates. At 4%, the lowest levels of malware literacy were found in Russia. In South Africa, the survey indicated that 28% of respondents estimated that 100 – 1000 new malware samples appear everyday – which is well below the actual amount, while 7% named a figure close to reality.

Remarkably, the results of this same survey revealed that an average 66% of companies had experienced at least one attack involving malware in the previous 12 months. 64% of respondents in South Africa highlighted that they had experienced the external security threats of viruses, worms, spyware and other malicious programmes over the last 12 months. The companies most frequently targeted in those attacks were located in South America (72%), Russia (71%), North America (70%), Asia-Pacific (68%) and Western Europe (63%) — in other words, the regions demonstrating relatively low levels of education about the number of new malicious programmes emerging daily.

Says Riaan Badenhorst, Head of Operations for Sub-Saharan Africa at Kaspersky Lab; “While a company’s ability to accurately assess daily malware volumes is not necessarily an indicator of preparedness to counter cyber-attacks, it’s reasonable to suggest that better informed organisations are more capable of assessing risk and making the most suitable choices when it comes to protecting IT infrastructure.”

Implementing a product such as Kaspersky Endpoint Security for Business, can be affective, as the product includes targeted, developed features that work not only to protect a company’s IT infrastructure, but to manage it as well.