02:52 PM
Connect Directly

Corporate Losses From Internet-Based Attacks Average $2 Million

Use of Internet as a business channel also on the rise.

Companies that suffer business disruptions from Internet-based attacks are losing an average of $2 million in revenue, according to a recent study. A survey of 162 companies also found that organizations on average suffered one disruptive incident a year from worms, viruses, spyware or other security-related causes, the Aberdeen Group (Boston) says. Corporate systems were down an average of 22 hours in each attack.

The battle against malicious code (malware) has intensified as companies increase their use of the Internet to generate revenue. According to the survey, which questioned firms from a wide range of industries, including banking, and which was released in July, 75 percent of firms are ratcheting up their Web-based customer sales and services operations, and 55 percent are increasing their use of the Internet for negotiating and buying goods from suppliers. In addition, 48 percent of the respondents are using the Internet more for distributing products and for filling orders than previously.

"Those operations really cover the waterfront," Aberdeen analyst James Hurley says. "Those are most of the core business functions, from supply to customer orders." As a result, "The business imperative to keep these systems operating is on a collision course with not being able to service customers and sales following an attack," he adds.

To combat malware, 82 percent of the companies surveyed implement strategies focusing on strengthening their defenses. The remaining companies were split, with half saying their primary strategy was to clean up the mess following an attack, or to contain damage once it has occurred.

"What that says quite clearly is that organizations have made up their minds on what to do going forward," Hurley says.

About three out of five companies said they need to add security technology but don't know which products they need. "There's a lot of confusion in the market as to what technology to select," Hurley notes.

Beyond technology, companies that are focused on prevention said they needed more staff with strong security backgrounds, the study finds.

Among Aberdeen's recommendations to fend off attacks is for companies to build a profile on their customers and partners using Internet-based systems. Companies, for example, conducting a lot of business with consumers should be prepared to deal with a significant portion of computers infected with viruses, spyware or other dangerous code. Companies engaged in business-to-business transactions should know their partners' and customers' security policies and technology.

This story originally appeared on TechWeb, an online sibling publication of Bank Systems & Technology.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Register for Bank Systems & Technology Newsletters
White Papers
Current Issue
Bank Systems & Technology
BS&T's 2014 Elite 8 executives are leading their banks to success, whether it involves leveraging the cloud, modernizing core systems, or transforming into digital enterprises.
Bank Systems & Technology Radio
Archived Audio Interviews
Join Bank Systems & Technology Associate Editor Bryan Yurcan, and guests Karen Massey and Jerry Silva from IDC Financial Insights, for a conversation about the firm's 11th annual FinTech rankings.