Cyber Crooks Have Edge

By Greg Hale, ISSSource.com September 15, 2010

Less than 6 percent of respondents were “highly confident” that private enterprises have sufficient controls in place to minimize the occurrence of cyber crime. Almost 40 percent of respondents are “not confident” in controls implemented by private enterprises.

Results from a cyber crime prevention webcast done by Deloitte showed an even split among respondents regarding whether or not their organization was likely to experience an electronic security breach in the next 12 months. Of those polled, 41.7 percent believed it was “likely” or “extremely likely” that an electronic security breach would occur in this time frame, while 38.4 percent felt it was “unlikely” or “extremely unlikely.”

“Cyber crime is far more common and creates a larger threat than respondents may recognize,” said John Kula, director in the forensic & dispute services practice of Deloitte Financial Advisory Services. “Based on the results of this poll, it appears that many organizations are leaving themselves vulnerable to cyber crime because there might be a false sense of security, or perhaps even complacency. Many organizations are failing to recognize the prevalence of cyber crimes in their IT environments and consequently could be misallocating limited resources to lesser threats.”

When asked what their experience was with respect to cyber crime, 68.4 percent said they have received phishing e-mail messages and 12.1 percent of respondents reported cyber criminals targeted their organizations. Participants believed the type of information senior management in their organizations was most concerned with cyber criminals gaining access to, as it pertains to being vulnerable to attempted breaches of electronic information security, was customer personal information (38.1 percent), financial information (21.8 percent), followed by intellectual property or business plans (12.2 percent).

“Cyber crime innovation and techniques have outpaced traditional security models,” said John Clark, partner in the security & privacy services practice of Deloitte & Touche LLP. “That’s what makes it so important to gather intelligence data internally and externally to understand the threats, and then to act on that intelligence. If companies don’t have the tools in place to be informed and to prevent breaches, it could lead to significant risks, potentially leading to financial losses, regulatory issues, and a loss of client and public confidence.”

More than 1,400 business professionals from the aerospace and defense, banking and securities, consumer products, energy and resources, financial services, health care providers, insurance, investment management, life sciences and health care, media and entertainment, oil and gas, process and industrial products, real estate, retail, wholesale, distribution, technology, media and telecommunications industries responded to the online polling questions during the July 2010 Deloitte Private Companies series webcast titled “Cyber Crime: Phishing and Hacking and Fraud, Oh My!”

Supplied by ISSSource.com

https://isssource.com/companies-unarmed-to-fight-cyber-crooks/