High Price Of Enterprise Cyber Attacks Revealed

The heavy price of cyber attacks and the corporate security measures to tackle them has been revealed, after a Symantec study found that cyber attacks are costing enterprises around $2 million (£1.3m) per year.

Symantec’s 2010 State of Enterprise Security study showed that the frequency of attacks against enterprises is rising, with 29 percent of enterprises reporting increased attacks in the last 12 months. Furthermore, 75 percent of organisations admitted they have experienced cyber attacks in the past 12 months.

Somewhat worryingly, 36 percent rated the attacks as somewhat/highly effective. Indeed, every enterprise (100 percent) that was surveyed said they had experienced cyber losses in 2009.

The main losses are associated with “theft of intellectual property”, as well as “theft of customer credit card information or other financial information”. The third most common loss is the “theft of customer personally identifiable information”.

The Symantec survey also revealed that these enterprise losses translated to monetary costs 92 percent of the time. The top three costs were productivity, revenue, and loss of customer trust.

In the UK, the Office of the Information Commissioner (ICO) has warned that businesses which do not own up to data breaches will face tougher action than those that come forward of their own volition. The ICO has been given the power to issue large fines for any serious data breaches.

And the Symantec survey also revealed the high cost associated with providing corporate security measures, with enterprises reporting they were spending an average of $2 million (£1.3m) annually to combat cyber attacks.

“Protecting information today is more challenging than ever,” said Francis deSouza, senior vice president of enterprise security, at Symantec. “By putting in place a security blueprint that protects their infrastructure and information, enforces IT policies, and manages systems more efficiently, businesses can increase their competitive edge in today’s information-driven world.”

Interestingly, 42 percent of organisations rated security as their top issue, which they regard as more pressing than the combined worries of natural disasters, terrorism, and traditional crime. Indeed, the seriousness with which enterprises view their security is reflected by the fact that, on average, IT assigns 120 staffers to security and IT compliance.