IT managers now believe that cybercrime is more costly to their organisations than physical crime. And many fear their own users more than they do hackers. That's according to a survey carried out by Braun Research on behalf of IBM, the company surveyed more than 2,400 IT managers in 16 countries to gauge their views on computer security.
Nearly 60 percent of managers surveyed thought that cyber-crime was more costly than more traditional,. physical crime. Even more alarmingly, nearly three-quarters of IT managers (74 percent) believe that there are more threats from their own users.
There were some stark differences between the countries: US managers were more confident that they had safeguards in place, 83 percent of them boasted that they had adequate saefguards in place to combat cybercrime, that's compared to just 53 percent of their international counterparts who could make such a claim.
However, US managers are almost as fearful of lawyers. Thirty three percent of US managers were worried about the legal costs associated with cybercrime, twice as many as in the rest of the world.
There are differences in how the different countries look at different technologies too. US IT managers regard keeping anti-virus software and firewalls up to date; using intrusion detection and prevention technologies, and implementing vulnerability/patch management on their networks as the three most important measures.
In contrast, international managers place a higher priority on IPS/IDS technologies (33 percent compared with 20 percent in the US) and on file encryption (18 percent compared with 7 percent of US businesses).
Rather surprisingly, more international managers were worried about the damage to a company's brand or reputation. Sixty nine percent of worldwide executives were worried about this, only 40 percent of US managers were similarly concerned.
"IT executives are making it very clear how seriously they take cybercrime threat, both from internal and external sources," said Stuart McIrvine, director of IBM's security strategy. "Paralleling their growing awareness of the impact of cybercrime on their business is the view that this is not a battle they can fight wholly on their own. The nature of crime is changing, and businesses, technology providers and law enforcement must work together to ensure the right safeguards are being put in place to securely operate in today's environment."