A survey commissioned by the Department for Business, Enterprise and Regulatory Reform (BERR) has revealed that UK companies are spending three times as much of their IT budget on security as they were six years ago.
The 2008 Information Security Breaches Survey was carried out by a consortium led by professional services company PricewaterhouseCoopers and the results were revealed at the Infosecurity Europe event in London this week. The survey showed that the average UK firm spends 7 per cent of its IT budget on security, compared to 2 per cent in 2002.
During that time the total cost of security breaches to UK firms has fallen 35 per cent, although a quarter of businesses reported a serious security breach in the last two years. The survey demonstrates that companies are becoming more security savvy, demonstrated by the more than 90 per cent that back up critical systems, have implemented spam filters, firewalls, anti-virus and anti-spyware software and have encrypted wireless network transmissions.
55 per cent of firms now have a documented security policy, compared to 27 per cent in 2002, while 40 per cent give their staff ongoing security training, double the amount that were doing so in 2002.
But the survey also reveals many companies have a worryingly lackadaisical approach to other aspects of security. 84 per cent do not check to ascertain whether outgoing email contains confidential information and 78 per cent that had been victims of computer theft did not encrypt hard discs. 72 per cent do nothing to prevent data leaving on portable memory devices, 52 per cent do not carry out a formal security risk assessment and 48 per cent have not tested their disaster recovery plans in the last year.
35 per cent exercise no controls on their staff using instant messaging, 21 per cent spend under one per cent of their IT budget on security and 10 per cent of websites accepting payment details do not encrypt them. Despite the drop in the cost of security breaches to the UK economy, only 17 per cent of businesses expected the numbers of incidents to fall next year.
Parliamentary under secretary of state for BERR Shriti Vadera said: "New technology is a key source of productivity gains, but without adequate investment in security defences these gains can be undermined by IT security breaches. The survey shows increasing understanding by business of the opportunities and threats, but challenges remain."
Chris Potter, partner at PricewaterhouseCoopers, said: "There are still some fundamental contradictions. Some 79 per cent of businesses believe they have a clear understanding of the security risks they face, but only 48 per cent formally assess those risks. Also, 88 per cent are confident that they have caught all significant security breaches, but only 56 per cent have procedures to log and respond to incidents. The survey also shows 71 per cent have procedures to comply with the Data Protection Act, but only 8 per cent encrypt laptop hard drives. Businesses all need to ensure that their defences are sound if they want to continue to enjoy the benefits that technology brings.”
Exhibitor and visitor numbers expected to be up on last year, but major names are looking elsewhere, writes Doug Woodburn 11 Apr 2008
New survey shows incidence and costs of attacks falling 22 Apr 2008
Firms could do more to improve security, according to survey on IT breaches 22 Apr 2008Annual trade show will see the launch of the annual Information Security Breaches Survey 17 Apr 2008
Increasing sensitivity about corporate repuations is spurring actions on leaks 25 Apr 2008
Attacks become less frequent but more targeted as the online security of business improves 22 Apr 2008
Report claiming solar panels take over 100 years to recoup their value is just plain wrong, say manufacturers 05 Sep 2008
New hybrid hatchback designed to make dual-drive vehicles more affordable 05 Sep 2008
Republican attempts to highlight differences over energy policy as both candidates pledge to deliver US energy independence 05 Sep 2008
More news
Once your company has gathered up all the low-hanging fruit, what comes next? Sarah Fister Gale finds that the answer lies in everything from multi-million dollar energy efficiency programmes to printers powered by exercise bikes 03 Sep 2008
Slow journey times mean airships are highly unlikely to replace passenger jets, but, as Danny Bradbury discovers, a flotilla of new companies are convinced that low-fuel costs mean the old-fashioned aircraft could have huge appeal to freight operators 02 Sep 2008
Recent claims from the oil giant's chief executive suggesting tar sand extraction is required to slow the shift to coal may have caught the eye, but as BusinessGreen.com discovers they do not make much sense 28 Aug 2008 More in-depth
Post your comment
Send an email to the Business Green editor at feedback@businessgreen.com
