|
Global heavy losses to insecure data
McAfee based that hefty number on a survey conducted by Purdue University's Center for Information Assurance and Security. Data from over 800 CIOs in the US, UK, Germany, Japan, China, India, and Dubai were examined, especially in regard to the origination, storage, transfer and loss of intellectual property (IP). Combined, companies in the survey lost $4.6 billion worth of IP last year, and spent about $600 million patching up holes from data breaches.
The value of information security
85% of respondents citing damage to reputation and brand as significant, compared with 72% for loss of revenues, 71% for loss of customers. Regulatory sanction is cited by only 68%, while proportion of damage to employee relationships is 49%.
Concern of 2009 is the inside data theft Experts expect the threat to IP to worsen this year as the global economy worsens. The two main threats seem to be cyber gangs and "financially challenged" employees. According to McAfee’s survey on the concern of over 800 CIOs, respondents regarded this second group to be a bigger threat than outsiders. While 39 percent cited outside data thieves as their biggest concern, 42 percent were worried about "displaced" employees looking to improve their situations by selling off vital corporate information. "This report is a wake-up call because the current economic crisis is poised to create a global meltdown in vital information," Dave DeWalt, president and chief executive officer of McAfee. "Increased pressures on firms to reduce spending and cut staffing have led to more porous defenses and increased opportunity for crime. Companies need to stop looking at security as a cost center but as a business enabler."
The trend of security investment worldwide A survey of IT security professionals conducted by Gartner has found that organisations in the Asia Pacific region spend a larger proportion of their IT budget on security than their North American and European counterparts.
Although there is an economic downturn in the
U.S., 40 percent of Asia Pacific organisations surveyed said their 2008 IT
security budget has increased over 2007, while 45 percent claimed it had
remained “about the same”. Next year, most of them expect their IT security
budgets to remain the same or increase in 2008. Ernst & Young also comes to a similar conclusion to increased investments in information security in the next year. Despite tightening economies, they also forecast the enhancement of information security in privacy. 67% of respondents interviewed say they have now implemented controls to protect personal information.
More than half of the security vulnerabilities going unpatched 74% of the security vulnerabilities disclosed during 2008 had no patches available from the vendor by the end of the year, according to a report released on Monday by IBM's X-Force research group. Meanwhile, 46 per cent of vulnerabilities from 2006 and 44 per cent from 2007 still had no patch by the end of 2008, the 2008 X-Force Trend and Risk report said. X-Force documented a record number of 7,406 new vulnerabilities last year. Meanwhile, 46 per cent of all malware attacks last year were Trojans targeting people playing online games and doing online banking, and 90 per cent of phishing attacks targeted financial institutions, according to the report. Most of the spam last year appeared to come from Russia (12 percent), followed by the U.S. (9.6 percent), and Turkey (7.8 percent), although the spam senders could be located in a different location, the report says. China unseated the US as the country hosting the largest number of malicious websites for the first time last year. |
