number of companies falling victim to online crimes has almost doubled since
2000, according to a new report.
the past year, half of 1,000 UK companies surveyed fell victim to viruses,
hacking attacks, fraud, and other information security breaches.
survey, conducted by PricewaterhouseCoopers on behalf of the DTI, said the 50
per cent crime rate compares to one quarter in 2000 and less than one in five
Information Security Breaches Survey 2002 shows that while companies are
embracing the information economy and identify information security as a
priority, most do not invest enough money in security systems.
report said the average cost of each serious breach is £30,000, and several
companies reported incidents costing them more than £500,000.
of UK businesses surveyed believe they hold sensitive or critical information,
but only 25 per cent have a security policy in place to protect it.
survey found that while information security issues are now higher on the board
agenda – with three-quarters of identifying it as a high priority for senior
management compared to half in 2000 – there is a clear gap between this and
25 per cent spend more than 1 per cent of their IT budget on security. Three to
5 per cent is the suggested minimum level, rising to an average of 10 per cent
in high-risk sectors such as financial services.
Potter, partner at PricewaterhouseCoopers, said: "While UK businesses are
using the internet to become increasingly successful and information driven,
the failure to consider the increasing threats to information security is
costing companies, both large and small, dearly.
they have embraced e-business, both through giving employees access to the web
and e-mail and doing business through their websites, this has opened up a whole
new set of risks. Billions of pounds are lost each year due to security
breaches. The value of this is the equivalent of giving everyone working in a
UK company an extra day’s holiday each year."