Skip to main content

Password overload hitting firms' IT security: study

Security breaches from computer viruses, spyware, hacker attacks and theft of equipment are costing British business an estimated 10 billion pounds ($18 billion) a year, according to a survey on Tuesday.

Free Image Hosting at www.ImageShack.us

The loss is 50 percent higher than the level calculated two years ago, said the study by consultancy PricewaterhouseCoopers for the Department of Trade and Industry.

The rise comes despite companies increasing their spending on information security controls to an average 4-5 percent of their IT budget from 3 percent in 2004.

One area of concern for security, the study warned, was the increasing number of user IDs and passwords employees were having to remember.

Larger companies, which tend to be more security-conscious, saw the number and cost of computer security breaches fall, but both rose at smaller firms where controls may be less rigorous.

Firms were asked how much the worst incident last year cost them. For large firms, the average loss was between 65,000 and 130,000 pounds, mostly accounted for by disruption to business.

At small companies, the average loss was between 8,000 and 17,000 pounds.

Industry Minister Alun Michael said while slightly fewer companies overall reported breaches than in 2004, there was no room for complacency.

"The cost of the damage caused by attacks on security has risen as the nature of the attacks has become more serious," he said.

"That's why it's crucial to have good security in place."

Virtually every UK company uses anti-virus software, but a quarter of businesses are not protected against the newer threat of spyware, which can lead to the loss of confidential information.

One in five corporate wireless networks is completely unprotected, with a further one in five operating without encryption, allowing outsiders to eavesdrop on company communications.

Chris Potter from PricewaterhouseCoopers said British business had become more aware of the risks of IT crime, but added that some firms "still seem to believe they are immune to the dangers and don't have even basic security controls in place."

"This is particularly worrying as we see new technologies emerging that pose new threats to UK plc."

Poor IT procedures can make companies vulnerable. The study found that employees have on average to remember three different user IDs and passwords, while in two percent of companies staff have to recall 10 different IDs.

"The more IDs and passwords users have to remember, the more likely the business is to have had unauthorized access," the report said.

PricewaterhouseCoopers interviewed 1,000 companies between October 2005 and January 2006 for the DTI Information Security Breaches Survey.

Comments

Post a Comment

Popular posts from this blog

US says world safer, despite 11,000 attacks in '05

The U.S. war on terrorism has made the world safer, the State Department's counterterrorism chief said on Friday, despite more than 11,000 terrorist attacks worldwide last year that killed 14,600 people. The U.S. State Department said the numbers, listed in its annual Country Reports on Terrorism released on Friday, were based on a broader definition of terrorism and could not be compared to the 3,129 international attacks listed the previous year. But the new 2005 figures, which showed attacks in Iraq jumped and accounted for about a third of the world's total, may fuel criticism of the Bush administration's assertion that it is winning the fight against terrorism. Asked if the world was safer than the previous year, U.S. State Department Counterterrorism Coordinator Henry Crumpton told a news conference, "I think so. But I think that (if) you look at the ups and downs of this battle, it's going to take us a long time to win this. You can't measure this month ...
Post a Comment
Read more

Al-Qaeda number two in new video

Al-Qaeda's number two Ayman al-Zawahiri has appeared in a video saying that Iraqi insurgents have "broken the back" of the US military. He praised "martyrdom operations" carried out by al-Qaeda in Iraq in the video, posted on an Islamist website. And he called on the people and army of Pakistan to fight against President Musharraf's administration. This is the third message from prominent al-Qaeda leaders to emerge within a week. A tape from Osama Bin Laden was broadcast on 23 April, followed two days later by a message from Iraqi insurgent Abu Musab al-Zarqawi. Pakistan focus Zawahiri, who wore a black turban and a white robe in the video, described the leaders of Egypt, Jordan, Saudi Arabia and Iraq as traitors, and urged Muslims to "confront them". He praised Iraqi militants, saying that the US, Britain and allies had "achieved nothing but losses, disasters and misfortunes" in Iraq. "Al-Qaeda in Iraq alone has carried out 800 ma...
Post a Comment
Read more

Does light have mass?

The short answer is "no", but it is a qualified "no" because there are odd ways of interpreting the question which could justify the answer "yes". Light is composed of photons so we could ask if the photon has mass. The answer is then definitely "no": The photon is a massless particle. According to theory it has energy and momentum but no mass and this is confirmed by experiment to within strict limits. Even before it was known that light is composed of photons it was known that light carries momentum and will exert a pressure on a surface. This is not evidence that it has mass since momentum can exist without mass. [ For details see the Physics FAQ article What is the mass of the photon? ]. Sometimes people like to say that the photon does have mass because a photon has energy E = hf where h is Planck's constant and f is the frequency of the photon. Energy, they say, is equivalent to mass according to Einstein's famous formula E = m...
6 comments
Read more