Cybercrime incidents cost Irish businesses average of €135,000
9 August 2013 | 0
The average cost of a cybercrime incident for Irish organisations over the past year was €135,000, according to The Deloitte 2013 Irish Information Security and Cybercrime survey. Conducted in association with EMC, the report also showed that cybercrime costs Irish organisations, on average, 2.7% of annual turnover.
In addition to the costs associated with cybercrime, the number of security breaches experienced by organisations was also significant, with 40% stating their organisation had experienced at least one breach, which they know of, in the past 12 months.
A further 21% experienced between one and five breaches, while 7% said their organisation had experienced more than 20 breaches. Over a quarter (28%) said they were unsure of how many security breaches their organisation experienced in the past 12 months.
In line with last year’s findings, the most common method of breaching security in organisations was hacking (19%), followed by denial of service (14%) and malware (12%).
Identified as the biggest challenge last year, this year employees were second on the list, as identified by 24% of respondents. Lack of funding (13%) was the third biggest challenge. Fifty-five per cent of respondents indicated that all users in their organisation had provided signed acceptance and adherence to security policies, up from 46% last year.
In terms of investment in cybercrime prevention within their organisations, 44% of respondents indicated that there is limited funding available, while a further 14% believed there to be insufficient funding. Encouragingly, 44% are currently recruiting or plan to take on staff over the next one to two years, an increase of 20% on the 2012 findings. Similar to last year’s findings, the main motivation for investment in advanced security technologies, and information security in general, is compliance and reporting, as identified by 45% of respondents.
The survey also investigated areas which can pose additional security risks. With regards to mobile devices, 79% of respondents said their organisation supports corporate mobile devices only, with 31% also permitting the use of employee purchased mobile devices. Half of respondents said that their organisation has implemented specialist technologies to increase mobile security. However 31% indicated that no additional technologies are used to support mobile devices.
In terms of cloud based services which are being used by 60% of respondents, two fifths believed privacy and data protection are the biggest risks associated with the cloud.