Government Technology

Survey: Costs of Cybercrime Overtake Physical Crime

March 18, 2006 By

Sixty-one percent of respondents believe it is the joint responsibility of both the federal and local law enforcement agencies to help combat organized cybercrime

Nearly 60 percent of U.S. businesses believe that cybercrime is more costly to them than physical crime, reports a recent IBM survey of companies in the healthcare, financial, retail and manufacturing industries. The costs resulting from cybercrime, these businesses report, are primarily from lost revenue, loss of current and prospective customers and loss of employee productivity.

Surveying 600 CIOs or other individuals qualified to answer questions about their company's IT practices, the IBM survey reveals that 84 percent of IT executives of U.S. businesses believe that organized criminal groups possessing technical sophistication are replacing lone hackers in the world of cybercrime. The threat from unprotected systems in developing countries is a growing challenge, according to almost three-quarters of respondents. And, alarmingly, almost three-quarters (74 percent) perceive that threats to corporate security are now coming from inside the organization.

These views come as a majority of respondents (61 percent) believe it is the joint responsibility of both the federal and local law enforcement agencies to help combat organized cybercrime. These responses by businesses are in stark contrast to consumer beliefs. A recent IBM survey of consumers showed that 53 percent of Americans hold themselves most responsible for protecting themselves from cybercrime, while 11 percent felt it was the job of federal law enforcement agencies, and only four percent hold local law enforcement agencies responsible.

"U.S. IT executives are making it very clear how seriously they take cybercrime threat, both from internal and external sources," said Stuart McIrvine, director of IBM's security strategy. "Paralleling their growing awareness of the impact of cybercrime on their business is the view that this is not a battle they can fight wholly on their own. The nature of crime is changing, and businesses, technology providers and law enforcement must work together to ensure the right safeguards are being put in place to securely operate in today's environment."

Taking Action

In light of the growing threat of cybercrime, many companies have increased their security measures to guard against cybercrime. According to the IBM survey, 83 percent of U.S. organizations believe they have safeguarded themselves against organized cybercrime, and they are responding to the increased/changing threat of cybercrime in a number of ways:

  • Upgrading virus software (73 percent)
  • Upgrading their firewall (69 percent)
  • Implementing intrusion detection/prevention technologies (66 percent)
  • Implementing vulnerability/patch management system on network (53 percent)
When asked which two initiatives were the most important to undertake over the course of the next year, IT business executives in the U.S. indicated upgrading their virus software (39 percent) and upgrading their firewall (32 percent) were of highest priority.

Global Comparison

IBM conducted the same survey in 16 additional countries to better gauge the attitudes regarding cybercrimes and their impact on international businesses. Both cybercrime and physical crime are viewed as considerable threats to U.S. and international organizations. And, when it comes to cost impact, both groups agree that cybercrime (57 percent of U.S. and 58 percent of international businesses) is more costly to their organizations than physical crime (43 percent and 42 percent, respectively).

However, while 83 percent of U.S. businesses boast that they have adequate safeguards in place to combat organized cybercrime, their international counterparts are not so confident, with just over half (53 percent) indicating they are prepared.

In combating cybercrime, there are some slight differences between U.S. and international IT business executives regarding their priority initiatives. The top two initiatives for U.S. businesses are upgrading their virus software (39 percent versus 24 percent of international businesses) and upgrading their firewall (32 percent). For international businesses, implementing intrusion detection/prevention technologies (33 percent versus 20 percent of U.S. businesses) and upgrading their firewall (27 percent) were the highest priorities. Just seven percent of U.S. businesses thought increasing the encryption of their files was a high priority while almost one-fifth (18 percent) of the international community thought this to be a higher priority.

| More


Add Your Comment

You are solely responsible for the content of your comments. We reserve the right to remove comments that are considered profane, vulgar, obscene, factually inaccurate, off-topic, or considered a personal attack.

In Our Library

White Papers | Exclusives Reports | Webinar Archives | Best Practices and Case Studies
McAfee Enterprise Security Manager and Threat Intelligence Exchange
As a part of the Intel® Security product offering, McAfee® Enterprise Security Manager and McAfee Threat Intelligence Exchange work together to provide organizations with exactly what they need to fight advanced threats. You get the situational awareness, actionable intelligence, and instantaneous speed to immediately identify, respond to, and proactively neutralize threats in just milliseconds.
Better security. Better government.
Powering security at all levels of government with simpler, more connected IT.
Cybersecurity in an "All-IP World" Are You Prepared?
In a recent survey conducted by Public CIO, over 125 respondents shared how they protect their environments from cyber threats and the challenges they see in an all-IP world. Read how your cybersecurity strategies and attitudes compare with your peers.
View All

Featured Papers