Modernizing Authentication ? What It Takes to Transform Secure Access
Dont ask these companies about it, though, because most prefer to be mum about any mishaps, according to a study by the Computer Security Institute (CSI), a trade group serving the information security industry.
Most companies prefer to sweep computer crime under the rug rather than going public, noted CSI director Chris Keating. The good news is that this curtain of silence is slowly lifting, with 25 percent of U.S. companies reporting computer crime today as compared with 20 percent over the previous two years.
The average amount of money lost by each company due to computer-related crime is $167,713, which is down about 18 percent from last year, according to the study. This is still a significant chunk of change, signals that companies are doing a better job at policing their systems and are putting more effort into security measures and education.
San Francisco FBI's Computer Intrusion Squad assisted with the CSI survey, which included nearly 600 companies, many with at least 1,500 employees. Only half of these companies were willing to share information about cybercrime hits to their financial bottom line, however, even though their identities were protected in the survey.
Other leading types of computer crime noted in the results included lost and stolen laptops or mobile hardware and theft of proprietary information or intellectual property.
One caveat to budding cyber-criminals: Companies are beefing up security education and training efforts and plan to invest in more programs in the future. They also prefer to keep their security measures close to the vest; 66 percent of the companies taking part in the survey are avoiding outsourced protective techniques.
More than 80 percent of the companies surveyed also perform regular security audits in order to spot weaknesses or potential attacks.