The Cost Of Fraud
As estimated $595-649 million was the cost of computer-related fraud in 2007 to businesses like yours:
• 14% of surveyed businesses experienced one or more computer security incidents.
• The number of incidents was directly related to size – as your business grows, so does your security risk. All industries appear to be equally at risk.
• 64% of incidents involved virus or malicious code (malware) attacks. The smaller the business the more likely this type of attack, possibly because of low priority placed on malware protection.
• 11% of incidents originated from within the organisation. This could indicate lack of clear policy and/or lack of enforcement.
• The risk of theft or loss of hardware grows with size and was a significant factor for larger businesses.
• 77% of businesses suffering an incident reported subsequent negative effects on their business.
• 40% of negative effects were corruption of hardware, data or software – all of which are likely to entail loss of revenue as the business recovered.
• The costs of computer incidents varies directly with size: Small businesses, $2,431; medium, $12,405; large, $49,246; though the mean loss across retailers of all sizes was $9,870
• Only 8% of victimised businesses reported the incident to police (despite around half of all incidents being other than malware-related).
• 85% of small and up to 98% of large businesses reported using anti-virus software.
• Only 38% of small and 72% of medium business reported issuing or enforcing computer security policies with their staff.
• Only 25% of small and 55% of medium businesses had a data backup policy (this is staggering, given that loss of data these days usually means the business stops!)
* The Australian Business Assessment of Computer User Security Report 2007, Australian Institute of Criminology
What to Do?
1. Ensure you have appropriate malware protection.
2. Get professional help to draft an appropriate IT security policy – or ask for our IT Policy Template.
3. Ensure that every team member understands what your IT Policy requires of them.
4. Back up your data daily – evaluate on-line automatic off-site backup services.
5. Find a reliable IT provider, buy your hardware through them rather than the discounters, and stay on good terms. You may need their security services in a hurry one day.