|[February 24, 2014]
BAE Systems Applied Intelligence Reveals That 60% of US Businesses Have Increased Cyber Security Spend Following Recent Wave of Cyber Attacks on Target and Other Organizations
NEW YORK --(Business Wire)--
BAE Systems (News - Alert) Applied Intelligence today quantifies the extent of the
impact on US businesses of the wave of recent high-profile cyber attacks
in December 2013 and January 2014. New research conducted this month
reveals that the attacks on international businesses, including banks
and retail giants such as Target (News - Alert), led to a significant 60% of US
businesses surveyed increasing their cyber security budget. Of those
businesses planning to increase their cyber security budget over the
next 12 months, a resounding 78% cited the recent attacks as having a
significant influence on their decision.
The international research also found that 53% of US companies surveyed
now regard the threat from cyber attacks as one of their top three
business risks, mirroring the recent warning from the World Economic
Forum that cyber attacks are among the 5 biggest threats facing the
world in 2014.1 The research details business concerns and
opinion around cyber and indicates a strong demand from major global
companies for greater intelligence about the nature of new cyber threats
and a better understanding of business vulnerability.
The new findings come as BAE Systems Applied Intelligence releases
"Business and the Cyber Threat: the rise of Digital Criminality", which
found that the majority of US respondents (82%) expected the number of
targeted cyber attacks to increase over the next two years.2
It was immediately striking that organized groups of fraudsters were
identified by the highest number of respondents in both the US (52%) and
across the survey group as a whole (55%), as the group considered most
likely to mount attacks. This would seem to point to a concern around
the potential damage of cyber-enabled fraud attacks of precisely the
nature experienced by Target and others.
The research also showed that businesses believe that their increasing
exposure to cyber threats, caused by new ways of working, poses a risk
as they adapt business practices to keep pace with the hyper-connected
world. For example, 72% of North American respondents thought the cyber
risk posed by mobile technologies was a significant risk but only 61%
were confident they understood the risks.3
Faced with these challenges, it was alarming to note that a significant
proportion of respondents - around a third (31% in the US and 30%
globally) - still did not believe that their Board of Directors fully
understood the risks presented by cyber. To investigate further, the
research then explored which tools respondents believed would help their
Boards to take greater action to prevent cyber attacks. Having a clearer
understanding of vulnerabilities (advocated by 53% of respondents in the
US and 50% overall) and having intelligence about upcoming threats (44%
in the US and 47% overall) proved the most popular responses.
Martin Sutherland, Managing Director, BAE Systems Applied
"What this research clearly shows is that US businesses are increasingly
aware of the cyber threat and have a range of counter measures in place.
However, digital crime as a whole - a dangerous combination of organized
groups of criminals using cyber techniques to carry out financial crime
- is also a major concern, particularly since the most recent wave of
"And as the number of avenes open to criminals in a hyper-connected
world increases, we are seeing a genuine hunger from businesses for a
clearer understanding of their own vulnerabilities and up to the minute
cyber threat intelligence."
Further US findings:
Cost: 29% of respondents estimated a successful cyber attack
would cost their organization more than US$75 million, a
further 20% said more than US$15 million.
Cause of attacks: The group identified as most likely to mount
target attacks by the highest number of US respondents was organized
groups of fraudsters (55% of respondents). Americans were more
concerned about those involved in industrial espionage than any other
market (47% compared to 40% in Canada, 37% in the UK and 35% in
Concern: When asked what they would be most concerned about in
the event of a successful attack, the most common response in the US
was loss of customer data (61%). The second ranking concern
amongst US respondents was theft of intellectual property -
with Americans noticeably more concerned about IP theft than other
markets (47% or respondents compared to 38% in Canada, 35% in the UK,
and 43% in Australia).
Confidence: A substantial majority (88%) were confident
in their organization's ability to prevent targeted cyber attacks. A
smaller, but still large majority (77%), were confident in their
sector's ability to prevent attacks.
Crisis Plans: 28% of US organizations surveyed still
did not have, or were unaware of, crisis plans in the event of a
cyber attack on their company. Of those respondents who did have
crisis plans, 56% thought these were well publicized. In Canada 70% of
those surveyed said they had crisis plans, but only 37% of those with
plans said they were well publicized.
Convergence (News - Alert): Of those respondents who had encountered
cyber-enabled fraud, 55% of US respondents and 50% of Canadian
respondents expect cyber to play an increasing role in financial
Martin Sutherland, Managing Director, BAE Systems Applied
"The recent attacks demonstrate that there is no 'silver bullet' and a
combination of robust processes, and controls, user awareness and
vigilant security operations all have to play a part in protecting the
enterprise. However, these approaches are only as good as the
information used to implement them.
"In order to adapt to the ever evolving threat landscape, companies will
also need to develop holistic threat intelligence management programs
supported by security platforms that not only provide the raw
intelligence data but also the ability to process and analyze large
amounts of complicated information as quickly and clearly as possible."
BAE Systems Applied Intelligence continues to develop ground breaking
analytics tools that enable businesses to make the best possible use of
all the threat data and intelligence they receive in order to defend
themselves and their customers from digital criminality and keep one
step ahead of an increasingly sophisticated group of adversaries.
We will be at stand 2226 in the South Exhibition at RSA (News - Alert) 2014, for
those visiting the show this year.
The full report can be found at: http://www.baesystems.com/ai/cyberthreat
Notes to editors
From Global Risks 2014, published by the World Economic Forum
in January 2014.
Our North American report, "Business and the Cyber Threat: the rise of
Digital Criminality", is based on 350 online interviews conducted by
Ipsos MORI with strategic and IT decision makers in private sector
companies in the US (300) and Canada (50), carried out online using a
business panel in Fall 2013. Participants were drawn from companies
with a turnover in excess of US$470 million (Canadian $522 million)
from a range of business sectors including Financial Services (Banking
and Insurance), Telecoms, Energy, Transportation, Technology,
Engineering, Mining, Legal, Media and Pharmaceutical. Additional
research conducted with 151 respondents in North America was conducted
online in February 2014 among a comparable audience.
This refers to respondents scoring 4 or 5 out of 5, where 5 means
'Very significant' or 'Very confident' and 1 means 'Not at all
significant' or 'Not confident at all'
Please contact us for a copy of the full report, or visit http://www.baesystems.com/ai/cyberthreat
About BAE Systems Applied Intelligence
We deliver solutions which help our clients to protect and enhance their
critical assets in the intelligence age. Our intelligent protection
solutions combine large-scale data exploitation, 'intelligence-grade'
security and complex services and solutions integration.
We operate in four key domains of expertise: cyber security, financial
crime, communications intelligence and digital transformation.
Leading enterprises and government departments use our solutions to
protect and enhance their physical infrastructure, mission-critical
systems, valuable intellectual property, corporate information,
reputation and customer relationships, competitive advantage and
Applied Intelligence is part of BAE Systems, a global defense, aerospace
and security company with approximately 90,000 employees worldwide. BAE
Systems delivers a wide range of products and services for air, land and
naval forces, as well as advanced electronics, security, information
technology solutions and customer support services. For more
information, please visit www.baesystems.com.
[ Back To Homepage ]