U.S. Businesses: Cost of Cybercrime Overtakes Physical Crime15 March 2006
Nearly 60 percent of U.S. businesses believethat cybercrime is more costly to them than physical crime, reports arecent IBM survey of companies in the healthcare, financial, retail andmanufacturing industries. The costs resulting from cybercrime, thesebusinesses report, are primarily from lost revenue, loss of current andprospective customers and loss of employee productivity.
Surveying 600 CIOs or other individuals qualified to answer questions abouttheir company's IT practices, the IBM survey reveals that 84 percent of ITexecutives of U.S. businesses believe that organized criminal groupspossessing technical sophistication are replacing lone hackers in the worldof cybercrime. The threat from unprotected systems in developing countriesis a growing challenge, according to almost three-quarters of respondents.And, alarmingly, almost three-quarters (74%) perceive that threats tocorporate security are now coming from inside the organization.
These views come as a majority of respondents (61%) believe it is the jointresponsibility of both the Federal and local law enforcement agencies tohelp combat organized cybercrime. These responses by businesses are instark contrast to consumer beliefs. A recent IBM survey of consumers showedthat 53 percent of Americans hold themselves most responsible forprotecting themselves from cybercrime, while 11 percent felt it was the jobof federal law enforcement agencies, and only four percent hold local lawenforcement agencies responsible.
"U.S. IT executives are making it very clear how seriously they takecybercrime threat, both from internal and external sources," said StuartMcIrvine, director of IBM's security strategy. "Paralleling their growingawareness of the impact of cybercrime on their business is the view thatthis is not a battle they can fight wholly on their own. The nature ofcrime is changing, and businesses, technology providers and law enforcementmust work together to ensure the right safeguards are being put in place tosecurely operate in today's environment."
Taking Action
In light of the growing threat of cybercrime, many companies have increasedtheir security measures to guard against cybercrime. According to the IBMsurvey, 83 percent of U.S. organizations believe they have safeguardedthemselves against organized cybercrime, and they are responding to theincreased/changing threat of cybercrime in a number of ways:
-- Upgrading virus software (73%);-- Upgrading their firewall (69%);-- Implementing intrusion detection/prevention technologies (66%); and-- Implementing vulnerability/patch management system on network (53%) When asked which two initiatives were the most important to undertake overthe course of the next year, IT business executives in the U.S. indicatedupgrading their virus software (39%) and upgrading their firewall (32%)were of highest priority.
How the Industries Differ
IT executives in the Finance industry tend to be more concerned than theircounterparts in other industries about the threat of cybercrime versusphysical crime (50% cite it as a bigger threat versus 38% of the totalsurveyed). Respondents in Finance also perceive a greater cost impact fromcybercrime than IT executives in other industries (71% versus 57%). TheHealthcare and Manufacturing industries also find cybercrime to be morecostly to their organization than physical crime, while the Retail industrystill sees physical crime as having the greatest cost impact.
Retail respondents cite loss of revenue as having the greatest cost impactassociated with cybercrime. Healthcare and Finance executives believe lossof prospective customers has a greater impact than do their counterparts inRetail and Manufacturing. Manufacturing respondents view damage tobrand/reputation as far more of a concern (52%) than in the Healthcare(40%), Financial (35%), and Retail (32%) segments.
Global Comparison
IBM conducted the same survey in 16 additional countries to better gaugethe attitudes regarding cybercrimes and their impact on internationalbusinesses. Both cybercrime and physical crime are viewed as considerablethreats to U.S. and international organizations. And, when it comes to costimpact, both groups agree that cybercrime (57% of U.S. and 58% ofinternational businesses) is more costly to their organizations thanphysical crime (43% and 42%, respectively).
However, while 83 percent of U.S. businesses boast that they have adequatesafeguards in place to combat organized cybercrime, their internationalcounterparts are not so confident, with just over half (53%) indicatingthey are prepared.
In combating cybercrime, there are some slight differences between U.S. andinternational IT business executives regarding their priority initiatives.The top two initiatives for U.S. businesses are upgrading their virussoftware (39% versus 24% of international businesses) and upgrading theirfirewall (32%). For international businesses, implementing intrusiondetection/prevention technologies (33% versus 20% of U.S. businesses) andupgrading their firewall (27%) were the highest priorities. Just sevenpercent of U.S. businesses thought increasing the encryption of their fileswas a high priority while almost one-fifth (18%) of the internationalcommunity thought this to be a higher priority.
The U.S. and international business community share the same concerns whenit comes to the key costs associated with cybercrime. Both groupsindicated that loss of revenue (63% U.S. versus 74% international) and lossof current customers (56% U.S. versus 70% international) would have thehighest cost impact should their organization fall victim to a cybercrime.Damage to their brand/reputation is of much higher concern to internationalbusinesses than those in the U.S. Over two-thirds (69%) of internationalbusinesses cited this to be a key cost associated with cyber-crime,compared to only 40 percent of U.S. businesses. Conversely, legal fees areconsidered to be a key cost in the U.S. (33%) while of less concerninternationally (19%). U.S. businesses are equally concerned about the lossof their current and prospective customers (56% for each) compared to theinternational community which is more concerned with losing currentcustomers (70%) and less concerned about losing prospective customers(33%).
Methodology: Braun Research, Inc. conducted the survey on behalf of IBM.A total of 601 telephone interviews were conducted with U.S. businesses inthe healthcare, financial, retail and manufacturing industry sectors duringthe period of December 2005 to January 2006, and 2,401 internationalbusinesses in sixteen countries (China, UK, India, Russia, Poland, CzechRepublic, Germany, Spain, Italy, France, Argentina, Brazil, Australia,Mexico, Japan, and Canada) during January 2006. Eligible respondents wereat the CIO level, a VP or higher reporting directly into a CIO, or otherindividuals who were well-versed and qualified to answer questions abouttheir company's IT practices. The survey was fielded at the 95 percentconfidence level with a margin of error of +/-2 percent for the globalresults and +/-8% for the U.S. results.
About IBM
IBM is the world's largest information technology company, with 80 years ofleadership in helping businesses innovate. Drawing on resources from acrossIBM and key IBM Business Partners, IBM offers a wide range of services,solutions and technologies that enable customers, large and small, to takefull advantage of the new era of on demand business. For more informationabout IBM, visit http://www.ibm.com.
Contact:Adam EmeryIBM Corporation914-766-4696adame@us.ibm.com
SOURCE: IBM
Source: marketwire
All trademarks and copyrighted information contained herein are the property of their respective owners.
The Shield Pro 2006
Related Articles
|
