- BlackBerry Storm vs. the iPhone
- Digg's Kevin Rose: "We have to do better"
- Blogger warns: "Nortel doesn't make it out alive"
- Financial quagmire bringing out the scammers
- Verizon plays with the wrong e-mail addresses
Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:Application Performance Solutions | App Performance | Networking Solution | SafeGuard Enterprise Solution Center | SOA | Test your Web Filter | Value of WDS
While the cost of fending off hackers appears to be dropping for U.S. companies, attacks that involve unauthorized access to information are becoming much more costly, according a survey recently published by the Computer Security Institute and the FBI.
The survey, which included about 700 respondents from the government and a variety of industries, found that average losses related to computer attacks dropped by 61% in 2004. On average, companies say computer and network attacks cost them $204,000 last year, down from an average of $526,000 in 2003. The report did not explain how specific factors, such as loss of employee productivity or security consultant fees, contributed to these costs.
This marks the fourth consecutive year that this number has declined, says Robert Richardson, report co-author and editorial director of CSI, an association of computer and network security professionals in San Francisco.
Part of the reason for the drop is that companies have become better at protecting themselves, Richardson says. "For your run-of-the-mill virus , your average organization has that under control," he says. "There's a very fast reaction on the part of anti-virus vendors, and there are automated pathways to update the virus data on enterprise networks."
However, the cost of information theft jumped considerably in 2004. "To some degree, the heat of hacker activity has moved to identity theft," Richardson says.
The survey found that the average net loss attributable to unauthorized information access increased from more than $51,000 in 2003 to more than $300,000 last year. Attacks that resulted in the theft of proprietary information cost companies more than $355,000 on average in 2004, up from $169,000 the previous year.
CSI's survey was done in conjunction with the San Francisco division of the FBI's Computer Intrusion Squad.
Given the demographics of the survey's participants, it's not surprising that they're suffering less damage from attacks. "We ask people who care about security," Richardson says. "They care enough [about security] to be members of a professional organization, so my hunch is they're trying to get better at security."
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comment