Business ‘complacent about cybercrime’

ONLY 5% of businesses take adequate steps to protect their confidential data, exposing themselves to attacks from inside and outside the company, says a former White House cyber-security expert.

Howard Schmidt, now CEO of R&H Security Consulting, said last week most companies and government bodies had finally recognised the threat of cyber crime, but only a fraction were combating it properly.

About 5% of businesses were still “in blissful ignorance,” and those that did not incorporate security properly would not be successful, he told a security summit staged by online publishers ITWeb.

The technology exists to solve cyber crime, but it has to be used, he said. Even the US government was prone to lapses, with hackers accessing confidential information on stolen laptops because users did not encrypt it.

True data security demanded a combination of technology, user awareness, and efficient risk management such as access control and intrusion detection. But as companies raised the bar for protecting their data, criminals looked for new ways to circumvent the barriers. Companies should continue to invest in information security and not postpone it to the next financial quarter, because that may be too late, he said.

Research by the IT Compliance Institute has found 87% of companies admit to having had a data breach, and 74% lost customers as a result.

Companies without IT governance procedures suffer an attack rate of once every three years, while those with effective IT governance reduced the risk to an attack every 42 years.

The last big collapse of global internet systems had happened five years ago, showing that the protective measures were pretty good, Schmidt said. Now criminals were concentrating on the vulnerabilities in business software systems.

The next cyber crime wave would target mobile devices, he warned.

Stronger security should be built into mobile devices now rather than the manufacturers waiting for strikes to begin, he said. “We have enough experience behind us to do preventative work and not allow a new generation of things to hit us.”

Cybercrime discussion


Latest news

Partner Content

Show comments


Share this article
Business ‘complacent about cybercrime’