Firms failing to protect systems against crime

Businesses are failing to take adequate steps to secure their IT systems, despite a rise in computer crime over the past 12...

Businesses are failing to take adequate steps to secure their IT systems, despite a rise in computer crime over the past 12 months.

Computer crime now affects 90% of businesses, costing the UK a grand total of £2.4bn a year, according to the National Hi-Tech Crime Unit.

Despite this, 33% of the 200 organisations surveyed for the Hi-Tech Crime Unit said they did not carry out security audits.

Thirty-five per cent of organisations had no crisis management team to deal with incidents, and 33% had no formal risk assessment process.

Staff awareness of potential security risks was also patchy, the survey revealed. Only 28% of firms said their workforce was aware of security issues, although awareness rose to 64% for management and 92% for IT staff.

Most firms had anti-virus software and firewalls, but only 41% had implemented data encryption for laptops and other portable devices connected to their networks.

More than 70% believed they were investing sufficient resources to prevent computer-related crime, rising to 82% in the financial sector.

Eighty per cent said they intended to maintain their security budgets or spend more next year, rising to 95% in financial services.

Viruses, worms and Trojans were the most frequent forms of attack in 2004, with large firms being hit by an average of seven attacks a day. Larger organisations reported damage from virus infections on average once every three days.

Fifteen per cent of company systems had been used for illegal or illegitimate purposes, 14% had experienced denial of service attacks, and 10% experienced data theft. Just over 50% of attacks came from inside the company.

Nearly 66% of those surveyed said they would alert the police to a computer-related crime. 

Cost of e-crime

Viruses, worms and Trojans £677m

Illegitimate use of company systems £46m

Equipment theft £384m

Unauthorised access £44m

Data theft £33m

Sabotage/damage to data £6mor networks

Financial fraud £622m

Telecoms fraud £77m

Cost to companies with more than 1,000 employees

Source:National Hi-Tech Crime Unit/NOP

Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.