For the year of 2002 the NHTCU (National Hi-Tech Crime Unit) commissioned a survey to learn more about the true nature of hi-tech crimes. The survey focused on UK businesses and a sample of 105 organisations were surveyed. Those that took part in the study were among senior decision makers some directly responsible for security strategy in their organisation.
Out of those 105 businesses there were over 3000 recorded incidents, 40% suffered theft of hardware other than laptops, and 15% suffered loss of proprietary information.
Although only 15% of the 105 businesses suffered loss of proprietary information, it was worked out that on average it costs UK business £4.38M (GPB) in loss of business, replacing equipment and/or services.
A more detailed white paper on this survey can be downloaded from here .
Reported Vulnerabilities & Incidents
According to the CERT® Coordination Center year on year the number of reported incidents increases. Likewise year on year software has become more complex and more prone to vulnerabilities. The table below shows how the number of reported vulnerabilities has increased.
It is for these reasons it is vital you manage your business and its security policy.
Note as of 2008 CERT no longer collect this information however following the trend and the fact software is becoming more and more complex meaning more and more vulnerabilities it is predicted the number of incidents will be in excess of 12.5K by the end of 2010.