In the face of growing evidence that cybercriminals are increasingly focused on intellectual capital and other proprietary business information, many organizations around the globe are nevertheless unlikely to investigate breaches and/or take remedial action. Only a quarter of organizations conduct forensic analysis of a breach or loss, and only half take steps to remediate and protect systems for the future after a breach or attempted breach, according to survey data in the McAfee-Science Applications International Corp. (SAIC) report "Underground Intellectual Capital and Sensitive Corporate Data Now the Latest in Cybercrime."
The survey asked more than 1,000 senior IT decision makers in the United States, United Kingdom, Japan, China, India, Brazil and the Middle East about their organizations' concerns and practices around protecting sensitive data. "We're seeing a shift in what sophisticated hackers are going after," says Scott Aken, VP for cyberoperations at SAIC. "When we asked particular questions in terms of importance of data, the only thing they talked about was intellectual capital."
More than half of the organizations surveyed have, at some point in their history, decided not to further pursue or investigate a security incident because of the cost. On the other hand, the majority of companies are reporting significant data breaches. More than 70 percent of the companies surveyed--including all of the U.S. and Japanese companies surveyed--either report all data breaches/losses or all except for those that are deemed small or insignificant.
Companies in other countries are more inclined to pick and choose what they report and/or report breaches only when they feel they are under legal obligation. By and large, reporting is a painful exercise for companies, as about half are concerned about reputation damage as their No. 1 concern in the event of a breach. They reported the average cost of a breach at about $1.2 million.
Almost half of respondents reported that they would take particular data off the network in order to protect it from being leaked, choosing security over availability. The respondents said client/supplier data, employee data and trade secrets are the best protected information.