SYDNEY: Computer security breaches affected 14 per cent of Australian businesses in 2007 at a cost of about $600 million, according to the latest report from the Australian Institute of Criminology (AIC).
The Australian Business Assessment of Computer User Security (ABACUS) report was based on a national survey of 4000 small, medium and large businesses conducted by the institute to determine their experience of computer security incidents,
“The cost of computer security incidents for Australian businesses in 2007 was estimated at between $595 million and $649 million, while businesses spent as much as $1.95 billion on computer security measures,” said AIC principal criminologist Dr Russell Smith.
Some 85 per cent of businesses reported using one or more computer security tools – usually a type of anti-virus software. The study also showed that 13 per cent of small businesses, 20 per cent of medium businesses and 30 per cent of large businesses were affected by a computer security breach.
The average loss through such incidents during 2006-07 was $360 for small businesses, $2757 for medium businesses and $17,578 for large businesses.
The most commonly reported type of computer security incident involved viruses and malicious code attacks (64 per cent). Of those businesses affected, 40 per cent reported corruption of hardware or software. The majority of businesses dealt with these incidents internally, with only 8 per cent reporting them to the police.
Businesses reported that their security breaches were generally opportunistic rather than targeted. The report also highlighted the need to minimise the incidence of personal data being stolen for use in other offences.
News