Recent hacks spur new company cyber spending: survey

LONDON Tue Feb 25, 2014 12:34pm EST

Shoppers checkout at a Target store in Falls Church, Virginia May 28, 2010. REUTERS/Kevin Lamarque

Shoppers checkout at a Target store in Falls Church, Virginia May 28, 2010.

Credit: Reuters/Kevin Lamarque

Related Topics

LONDON (Reuters) - Almost 60 percent of top firms in the United States, Canada, Britain and Australia have boosted their spending on cyber defenses following the theft of data of millions of customers from U.S. retailer Target and other big companies, a report said on Tuesday.

A survey by BAE Systems Applied Intelligence of senior IT officials in companies ranging from banks to mining, technology and law showed U.S. firms already spending 15 percent of their entire IT budgets on improving security. The number looked set to rise.

In the United States, 60 percent of those surveyed said their cyber security budget would increase as a direct result of recent high-profile attacks. That compared to 49 percent in Britain, 54 percent in Canada and 64 percent in Australia.

Between November 27 and December 14, U.S. retailer Target lost details of some 40 million credit and debit card numbers and 70 million customer details to hackers.

Many other firms including banks have also had data stolen either by employees or those who broke into their system from outside.

"New technologies, changing business practices and an increasing reliance on inter-connected critical systems and infrastructure are all increasing our vulnerability to attack," the report said.

"It will be those organizations that truly integrate security intelligence into their operations that will reap the benefits and deliver business growth."

Formerly known as Detica, BAE Systems Applied Intelligence is the cyber arm of the British defense company.

More than 80 percent of those surveyed expected the number of cyber attacks to rise. Loss of customer data was by far the greatest concern, followed by the loss of trade secrets, reputational damage and interruption of service.

In the United States, 29 percent of respondents estimated a successful cyber attack could cost their organizations more than $75 million. Almost half said it could cost more than $15 million.

The assessment of threat varied somewhat by region and industry, the report said. U.S. firms believed intellectual property that was the second greatest threat to their networks after professional fraudsters while in Britain that place was held by activists, and in Australia by "hobbyist" amateur hackers.

(Reporting by Peter Apps; telephone +44 7990 560586) nL6N0LU3ZC

We welcome comments that advance the story through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can flag it to our editors by using the report abuse links. Views expressed in the comments do not represent those of Reuters. For more information on our comment policy, see
Comments (1)
markhahn wrote:
We need more honesty in reporting about cyber-crime, and this article doesn’t help at all. Target was appallingly stupid in their data security – it’s not hard or even expensive to do right. You just can’t do it the lazy way, like Target did. CC companies themselves deserve a lot of blame, because they haven’t abandoned inherently insecure mechanisms like swipe.

Ironically, despite today’s news, crypto-coins are showing us the right way to do transactions: non-repudiatable operations requiring no trust. The Target debacle could never have happened if using a “credit card” meant performing a bitcoin-like transaction from the customer’s phone.

Feb 25, 2014 2:11pm EST  --  Report as abuse
This discussion is now closed. We welcome comments on our articles for a limited period after their publication.