It seems it's becoming almost normal for companies to experience some kind of major network security breach these days.
In just May and June, Citigroup, Nintendo, Google, PBS, Lockheed Martin, NASA, Fox Broadcasting Corporation and Sony Online Entertainment have all been hit by targeted online attacks aimed at disrupting corporate operations and, in some cases, stealing sensitive information.
Other high-profile organizations, including RSA, Epsilon, the International Monetary Fund and the Oak Ridge National Laboratory have also experienced network intrusions.
A new survey conducted by Ponemon Research on behalf of the networking equipment and software firm Juniper Networks quantifies the real threats companies face in protecting themselves from these attacks.
[Analyst: Cybercrime Is 'Spiraling Out Of Control']
According to the survey, "Perceptions About Network Security," 90 percent of the 583 companies polled said they've suffered a network security breach at the hands of hackers at least once in the past year.
Those don't include website hacks, which are annoying but often not serious, or denial-of-service attacks, which are more like roadblocks than actual hacks.
A company's website is its public face; its internal networks are its concealed valuables. If hacking a website is akin to throwing toilet paper onto a company's front lawn, then hacking into its internal networks is like breaking into its house and stealing its jewelry.
Among that 90 percent of respondents who said they'd been hacked into, there are some even more revealing statistics.
Fifty-nine percent of the surveyed companies — which range from organizations with less than 500 employees to others with more than 75,000 — admitted to experiencing two or more breaches, and 41 percent of respondents said their network intrusions had cost their company $500,000 or more.
(Many companies never publicly disclose network breaches, which means the security situation among corporations may be much worse than the public is aware of.)
Not surprisingly, the IT employees in charge of keeping their companies secure and deflecting cyberattacks fear security may be an uphill battle.
Of those polled, 34 percent of respondents said they have "low confidence in the ability of their organization's IT infrastructure to prevent a network security breach," the Juniper Networks survey said.
This could be in part to the growing sophistication of cyberattacks. Even while "hacktivist" groups such as Lulz Security and Anonymous make headlines for showy attacks upon the websites of the CIA, the U.S. Senate, PBS and so on, far more skilled criminals and spies penetrate deep into corporate and government networks, silently stealing information, often never to be discovered.
