Many businesses are struggling with how to approach a growing list of cyber security threats according to a report by technology research firm Ovum.
The report, called 2011 Trends to Watch: Security, found that cyber espionage and online fraud are the two most pressing threats that need to be addressed, while other problems like compliance and intellectual property protection also rate high.
Ovum found that cyber espionage had moved from the realm of governments to businesses, meaning that companies can no longer afford to ignore this growing threat. It cited incidents of state-sponsored cyber attacks within the commercial sector, including the allegedly Chinese attack on Google earlier this year.
34 US companies were found to have endured similar attacks, while the Fortune 500 list are seen as always under threat.
Cloud services and virtualisation are other areas which require focus as they brings new security risks of their own. Ovum said that the pace at which security in cloud computing and virtualisation is being understood is slow, which could create significant challenges for what is ultimately a very open network.
An exploit on a cloud could have extremely destructive and widespread effects given the shared nature of the service.
Ovum said that a new, holistic approach to security needs to be taken, focusing on protecting assets as opposed to merely defending perimeters.
The study also highlights growing demand for better security on embedded devices like smartphones and tablets which have taken the world by storm over the last couple of years. With the embedded device industry expected to boom further in 2011, security must be tightened.
It is recommended that businesses adopt a risk management strategy, effectively to focus on prevention rather than cure. Ovum also suggests vendors should play an increasing role in improving security on the devices and services they provide.
“Security needs are growing fast,” said Gragam Titterington, analyst at Ovum and author of the report. “Businesses are facing a large-scale, well-organised and well-resourced criminal network which is intent on defrauding them and their customers.”