ICSA Labs’ 7th Annual Virus Prevalence Survey Shows Infection Rate Of Malicious Code Increasing

Survey of 300 Companies and Government Agencies Highlights Virus Trends and Need for Improved Security Methods and Policies

HERNDON, Va.–March 4, 2002–ICSA Labs(R), an independent division of TruSecure(R) Corporation, a leading managed security services provider, today announced the results of the 7th Annual ICSA Labs’ Virus Prevalence Survey. The survey shows conclusively that despite increased spending, the rate of malicious code infection continues to rise.

The survey gathered data from 300 companies and government agencies to describe the virus problem in computer networks, including desktop computers. The survey was sponsored by Gantz-Wiley Research, Network Associates (NYSE: NET), Panda Software and Symantec Corporation (Nasdaq: SYMC).

ICSA Labs conducts the Virus Prevalence Survey to track virus trends and frequency to understand how corporations and government agencies are combating malicious code. The survey points to several trends taking shape in 2002, including what types of malicious code pose the greatest threat and what factors will contribute to a rising infection rate.

Other key trends highlighted in this year’s survey include:

– An increase in the number of multiple vector threats–similar to Nimda, more worms and viruses will attempt to exploit vulnerabilities in multiple vectors.

– The proliferation of host-based threats–worms such as Code Red and Nimda show a trend of malicious code that infect and propagate through Internet host computers.

– The creation and continuation of factors that contribute to rising infection rates–these include new virus types, increased use of multiple email programs, new replication vectors and expanded forms of connectivity.

“Although companies are spending more money and applying more technology to the problem of viruses and worms than ever before, malicious code is keeping pace,” said Dr. Peter Tippett, chief technologist at TruSecure Corporation. “Organizations need to examine their security policies and practices to ensure they are getting the most out of their existing resources. At the same time, anti-virus vendors need to provide more heuristic tools and software vendors must offer more secure applications.”

Other key findings of this year’s Virus Prevalence Survey include:

– The average company spends between $100,000 and $1,000,000 in total ramifications per year for desktop-oriented disasters (both hard and soft costs).

– In addition to being more prevalent, computer viruses were more costly, more destructive, and caused more real damage to data and systems than in the past.

– File corruption and data loss are becoming much more common, although loss of productivity continues to be the major cost associated with a virus disaster.

“Effective security practices and policies are essential in helping organizations reduce their exposure to malicious code,” said Larry Bridwell, content security programs manager, ICSA Labs and co-author of the survey. “In today’s environment, an unknown threat is much more likely to cause a virus disaster than a known threat due to the speed at which viruses propagate. Anti-virus vendors and end-user organizations can no longer take a reactive approach to combating these threats.”

To receive a copy of the 7th Annual ICSA Labs Virus Prevalence Survey or to speak with ICSA Labs regarding the results of the survey, please contact Siobhan Gallagher or Jason Morris of Schwartz Communications (781-684-0770, trusecure@schwartz-pr.com) or Cynthia Smith of TruSecure (703-480-8509, csmith@trusecure.com).

About ICSA Labs

ICSA Labs, established in 1989, works to build consortia of leading security vendors to set baseline level criteria for product testing and certification. As the industry leader, ICSA Labs sets the standard by performing extensive research as well as tracking and measuring risks. Hundreds of the world’s top security vendors submit their products for testing and certification at ICSA Labs. The end-users of security technologies rely on ICSA Labs to authoritatively set and apply objective testing and certification criteria for measuring product compliance and reliability. The organization tests 95% of products in key technology categories such as anti-virus, cryptography, PKI, IPSec, VPN, firewall, PC firewall, intrusion detection and content security.

About TruSecure Corporation

TruSecure provides global 10,000 companies with comprehensive enterprise risk-management programs that assure the ongoing security of their critical systems and information. By integrating disparate security products and processes into a comprehensive risk-management program, TruSecure helps hundreds of companies achieve greater risk reduction at lower cost. ICSA Labs is the security industry’s central authority for product standards and testing, and today certifies more than 95 percent of the market’s anti-virus software, network firewalls, cryptography and IPSec products. TruSecure’s monthly magazine, Information Security(R), is the industry’s leading trade publication. Based in Herndon, VA, TruSecure Corporation is privately-held with investors including J. & W. Seligman & Co., J.P. Morgan Partners, Weston Presidio Capital, Greylock and WaldenVC.

For more information about TruSecure, please visit www.trusecure.com.


TruSecure, ICSA Labs, ICSA and Information Security are registered trademarks of TruSecure Corporation. All other trademarks and service marks mentioned herein are property of their respective owners.

Don't miss