IT departments appear to be getting better at the job of preventing and deflecting security attacks, according to the Computer Security Institute.

The institute's latest survey of security managers and corporate executives finds there were plenty of malware infections, denial-of-service attacks, financial fraud and password sniffing in the last year. But the damage due to these attacks has shrunk.

The report was released on Tuesday. It covered July 2008 to June 2009, revealing that more than 64 percent of companies reported malware infections, up from 50 percent during the same period the previous year.

There were increases in other kinds of attacks, too. Some 29 percent of companies reported being the target of a denial-of-service attack, up from 21 percent the previous year. Despite the increased incidents, losses fell to less than $235,000 per company on average, a decrease of 19 percent compared to the previous year.

While this appears to be good news, it's no time to let down your guard. All signs point to bigger attacks coming from cyberspace and many examples of severe damage.

There are plenty of security tools on the market, but the big question is whether you are willing to pay for them to button down your systems.

"Generally speaking, respondents did not seem to feel that their challenges were attributable to a lack of investment in their security programs or dissatisfaction with the security tools, but rather that, despite all their efforts, they still could not be certain about what was really going on in their environments, nor whether all their efforts were truly effective," the report stated.

For more on cyberattacks:
- see this securityfocus.com article

Related Articles:
Cybersecurity, cloud computing top IT spending list
The underpaid cybersecurity job