Businesses must ensure they have comprehensive security and backup plans for corporate and customer data due to the rising number of cyber security attacks, a new security survey warns.
The results also show 43% of companies in Australia and New Zealand believe cyber security is the top issue affecting their business.
The Symantec Enterprise Survey, which interviewed 2,100 companies around the world, found 89% of companies surveyed in Australia and New Zealand reported a cyber attack in 2009, with the average cost at $2 million.
The company defines a cyber-attack as an incident where there has been a loss of some type of information, including intellectual property, credit card information or other private information, which has been conducted by penetrating a web security wall.
Additionally, 34% said the number of attacks had increased in the last 12 months with the three most common crimes reported as loss of credit card information, intellectual property theft and theft of private information.
A whopping 100% of companies within Australia and New Zealand said they intend to make changes to their security within the next 12 months, with 42% expecting major changes.
Craig Scroggie, managing director for Symantec Australia and New Zealand, says the results show businesses are taking the threat of cybercrime seriously.
“Cyber-risk is a bigger concern than managing traditional crime. The example I like to use is that banks used to fear someone walking in with a gun and telling them to hand over the money. But the fact is, hundreds of thousands of attacks are happening every hour and they are targeting finances.”
Additionally, Scroggie says a number of companies still aren’t protecting themselves against the increased number of attacks, and recommends SMEs take exhaustive measures to secure their systems.
“Firstly, companies must protect infrastructure, securing desktops, laptops, web portals and so on. They must also have a backup and recovery strategy, because often businesses can survive an initial attack but won’t be able to put their site back up afterwards, putting them out of business.”
Scroggie also says businesses must work to secure private information of both customers and employees, and actually work at enforcing cyber security policies rather than having arbitrary rules.
“You need to operate in a secure environment where you can give customers the confidence that they are being protected, because cyber attacks often affect the reputation of companies affected.”
“Another point to consider is that companies don’t often think about security until they have a problem. If you’re in a car and driving along the road, you don’t look at the brakes and the steering wheel, you look at the road to see what’s coming. Security is like that, and companies really need to pay attention… there are a variety of real-time security intelligence programs to use for this.”