IDG News Service - The number of security breaches at large U.K. companies dropped by half over the last two years as larger budgets have been allocated to that area, according to a government-commissioned study released Tuesday.
However, the incidents that do occur are taking a heavier financial toll. The survey estimated that the cost of security incidents to U.K. businesses is 50 percent higher than in 2004, amounting to $17.9 billion annually, according to The Information Security Breaches Survey, which polled 1,000 companies.
The study, conducted every two years, was commissioned by the U.K. Department of Trade and Industry and done by a consortium led by Pricewaterhousecoopers LLP. An abstract of the survey was released in March, and the full results were announced at the Infosec Europe 2006 conference in London.
Overall, the number of businesses with a security incident over the past year dropped from 74% to 64%, the survey said.
"That's good news," said Alun Michael, the minister of state for industry and the regions and member of Parliament. "But it's no cause for complacency."
Large businesses are still much more likely to have a security incident than small ones, and one that is more financially damaging. The survey found the worst incident for large enterprises cost an average of ¿90,000 (U.S.$160,900). Including all sizes of businesses, the average is $21,453, up from $17,878 two years before.
Those figures may have prompted increased funding for security. Between 4% and 5% of IT budgets are dedicated to information security, up from 3% in 2004 and 2% in 2002.
Emerging technologies pose a threat to businesses, the survey said. One in five wireless networks has either no encryption or other protections. Some 25% of businesses are not protected against spyware, and 55% do not employ protection against threats carried on removable media devices, it said.
Forty percent of businesses allow their staffs to use instant messaging programs without controls over its use. Those businesses using VoIP (voice over Internet Protocol) have not evaluated its security risks, the survey said.
Free Insider GuideCopyright © 1994 - 2012 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
