Cyber attacks top business risk fears

Cyber attacks are the top business risk for 77% of European companies

Cyber attacks are the top business risk for 77% of European companies, according to research by software and IT services supplier Symantec.

Fear of cyber attacks far outranksother business risks as a top concern, a survey of IT security professionals at 477 large European organisations revealed.

The survey of mainly IT managers (81%) showedinternal threats were a top concern for only 31% of organisations, followed by conventional crime (29%) and natural disasters (24%).

Most of those surveyed (95%) said their organisations had experienced cyber attacks in the past two years. More than a quarter said they had seen a large or extremely large number of attacks.

More than a third (35%) said the attacks had been effective against their organisation, 26% rated the attacks as "somewhat ineffective" and only 15% described the attacks as "highly ineffective".

"Increased losses due to cyber attacks is one of the biggest reasons this has overtaken all other business risks," said Jim Hart, manager of security analysis in the EMEA region at Symantec.

Most respondents (98%) reported tangible losses from cyber attacks, mainly due to lost productivity (20%) and revenue (19%), direct costs (14%) and loss of customer trust (13%).

Some 57% said they expect cyber threats to increase in the next two years, but 60% said it was getting more difficult to provide defences against these threats.

Nearly two-thirds (64%) blamed the large number of threats. Other factors include insufficient staff (56%), increasing regulatory demands (51%) and lack of budget (45%).

Two-fifths said they are understaffed. The biggest problems are finding skilled staff (42%), lack of funds to hire staff (36%) and members ofstaff being laid off (32%).

Most European organisations (77%) are outsourcing some or all their IT security to meet the increasing challenges.

"For many organisations, particularly in the current economic conditions, outsourcing is the common-sense answer to the problem," said Hart.

Nearly two-thirds (65%) of respondents said they are using outsourcing to provide round the clock security support.

Other top reasons for outsourcing IT security include lower costs (55%), access to expertise (53%), predictability of costs (46%) and lower risk (45%).

Read more on IT risk management