IT security is more important to companies than ever before as four fifths of companies giving a high or very high priority to information security, the 2008 Information Security Breaches Survey (ISBS) carried out by PricewaterhouseCoopers has found.
As businesses continue to grasp the opportunities provided by new technology – 97% now have a broadband connection – there has been a significant improvement in controls, particularly in basic good practice such as anti-virus and backups.
Consequently, spending on IT security has tripled over the past six years, resulting in the overall cost to UK security breaches dropping by a third. Despite this the annual cost to companies still runs into several billion pounds.
There is more good news – 45% of businesses reported a security breach in the last year which is down from 62% in 2006. The average cost of the incident is highly variable and usually depends on the size of the business, ranging from an average of £15,000 among small businesses to £1.5m per security breach for a very large company.
Andrew Beard, director at PricewaterhouseCoopers said that despite the more positive findings business must not become complacent. “This response would be dangerous. Attitudes and controls in some companies mean that incident statistics are probably understated.”
Beard went on to comment that companies need to protect themselves today for the risks of tomorrow. “Businesses need to respect the opportunities that ecommerce represents but also consider their duty to protect its users in the long term future.”
© Crimson Business Ltd. 2008
