Symantec has released its annual Internet Security Threat Report, and the numbers are astounding. 

According to the report, malicious attacks on networks skyrocketed by 81 percent in 2011.    The report also highlights that advanced persistent threats, known as APT attacks, are spreading to organizations of all sizes, with the number of daily APT attacks increasing from 77 per day to 82 per day by the end of 2011.   Such attacks are no longer limited to large organizations, as demonstrated by the data in the report.  According to Symantec, more than 50 percent of such attacks target companies with fewer than 250 employees.   It is possible that smaller organizations are now being targeted because they are somehow related to larger companies, through supply chain or other relationships — and they are less well-defended.

The 2011 Report also includes information regarding data breaches.  According to Symantec, approximately 1.1 million identities were stolen per data breach on average in 2011, and hacking incidents exposed 187 million identities in 2011 — the largest number for any type of data breach in 2011.  

Now here comes the “kicker”…….the most frequent cause of data breaches was theft of loss of unencrypted data on a computer or other medium on which data is stored or transmitted, such as a smartphone, USB drive, or a backup device.   These theft or loss related breaches exposed 18.5 million identities.