Cyber espionage: Firms fail to take threat seriously
Cyber spies pose major threat but businesses are ill prepared, says Ovum...
Enterprises are underestimating the seriousness of the threat posed by cyber espionage, according to Ovum.
A study by the analyst firm found that many businesses have not taken adequate steps to prevent computer-based industrial espionage and consequently are "vulnerable" to attack.
Businesses are not taking adequate steps to defend themselves against cyber espionagePhoto: Shutterstock
Graham Titterington, author of the report and Ovum principal analyst, warned: "Cyber criminals are graduating from stealing credit cards and banking credentials to targeting corporate plans and proprietary information.
"They want valuable information such as product and technology blueprints, customer lists, or information that can be used to embarrass or disadvantage a victim."
The report's findings should not only be taken seriously by businesses that deal primarily with financial data, according to Ovum. Titterington stresses that "almost every organisation has sensitive information that would damage it if it were to be leaked out; however, many have overlooked cyber espionage in their preoccupation with preventing the theft of financial data".
He added: "This needs to change, and enterprises need to wake up to the danger posed or risk losing valuable information and having to deal with the consequences".
One of the approaches proposed by the report is that businesses should maximise the use of shared data infrastructure and services to discourage individual users from making their own copies of data.
"Every piece of stored data and every copy of this data is a potential leakage incident as it gives spies more potential targets to attack," Titterington said.
The Ovum report Protecting against cyber espionage follows the publication of government figures suggesting that cybercrime is costing the UK £27bn annually. But security minister Baroness Pauline Neville-Jones recently said cybercrime is one type of law-breaking where prosecution is not the answer.