Big Business bears brunt of security attacks

Brief: IT security breaches are making six-figure holes in the bank balances of large firms, according to the DTI's annual security report

The UK business sector is suffering more hacking attacks, viruses and network breaches than ever before, with large companies typically being compromised every week, according to this year's official survey of British IT security.

The DTI Information Security Breaches Survey 2004 (ISBS 2004), published in full on Tuesday, showed that two-thirds of firms fell victim to a network attack in the past year.

The average cost of a serious breach has actually fallen to £10,000, compared to £30,000 in 2002, but with the number of malicious incidents on the rise, the overall cost of IT security breaches remains broadly static.

The results from ISBS 2004 show that many major firms are losing millions through failed IT security. The average cost of a serious break to a large company is £120,000, and these large firms are suffering about four breaches a month -- compared to one a month for all businesses.

Launching this year's report, e-commerce minister Stephen Timms said that the UK has reached a watershed for IT security.

"Until now, it was possible to believe that security problems are something that happened to someone else. That illusion has finally been laid to rest," said Timms.

According to ISBS, just a third of companies -- and two thirds of large firms -- have an IT security policy.

"We can't yet say on the base of this survey that risks are being well-managed by UK companies," Timms said.