The survey – produced in collaboration with the Fraud Advisory Panel, PricewaterhouseCoopers, the ArmorGroup and the Nottingham Trent University International Fraud Prevention Research Centre – states that two-thirds of those businesses surveyed have suffered from a 'serious incident' (ie hacking, virus attack or credit card fraud) in the past year.
Hackers and viruses are the main deterrent to doing business, it seems, with 45% of all cybercrime committed by the former. Former employees (13%), organised crime (13%) and current employees (11%) account for the remainder.
The survey also pinpoints that the source of threats varies between sectors. Terrorists are viewed as an important source of threats by security professionals working in the manufacturing sector, but less so to those operating in the retail and service spheres. Similarly, threats from current and former employees are a higher priority in the telecommunications and technology sectors than they are in the financial services sector.
For many of the 150 organisations surveyed the loss of reputation – through adverse publicity and loss of client trust – is a far greater fear than financial loss. Some 69% of respondents consider their e-business financial loss to be negligible. For its part, credit card fraud represents a mere 4% of the most serious incidents of cybercrime in 2001.
The survey advocates the need for a co-ordinated approach to understanding and minimising the risks of cybercrime and, as such, sets out key recommendations for businesses and their security staff, Government and advisory bodies.
Security teams should review their company's Internet strategies and related risk management at Boardroom level. They must also emphasise the need for training in the field, and look to raise awareness of the issue among members of staff.
Source
SMT
