“Crime’s gone digital. New technology has enabled old crimes to be committed in new and more subtle ways”.
Earlier this year Detica, in partnership with the UK’s Government Office of Cyber Security and Information Assurance, conducted a report into the cost of cyber crime. The report concluded that the estimated cost of cyber crime to the UK per annum was £27 billion. And whilst a significant amount of this had an impact on the government and individuals, the majority, a huge £21 billion, was accounted for by UK businesses.
The report also acknowledged that the full economic impact of cyber crime went beyond the estimate in their study. This is seemingly because so many cyber attacks are not reported. Businesses are wary of the brand damage that can be done by a cyber attack, and often will try and keep it out of the media.
The estimated £21 billion cost to UK business in 2010 is broken down as follows:
- £9.2 billion per annum on IP theft
- £7.6 billion per annum from industrial espionage
- £2.2 billion per annum from extortion
- £1.3 billion from online theft
- £1 billion from the loss or theft of customer data
These amounts do not take into account the potential brand damage that cyber crime can have on a business. Indeed the report comments that:
“The results of this study suggest that businesses need to look again at their defences to determine whether their information is indeed well protected. Encouraging companies in all sectors to make investments in improved cyber security, based on improved risk assessments, is likely to considerably reduce the economic impact of cyber crime on the UK.”
Since the release of this report we have seen high profile attacks on major brands, government agencies, stock markets and social media sites. The simple fact is that the longer you wait to address your cyber security, the greater the risk you expose your business to. Cyber crime is becoming more frequent, and presents one of the greatest dangers to businesses in this modern, data driven economy.
IT Governance is a specialist in IT Governance and information security and recommends business align themselves with ISO 27001, the internationally recognised information security standard. Until the end of August they have a fabulous offer on their No 3 ISO 27001 toolkit, which will help your business create an ISO 27001 compliant information security management system.