Recent hacks spur new company cyber spending: Survey

LONDON - Almost 60 per cent of top firms in the United States, Canada, Britain and Australia have boosted their spending on cyber defences following the theft of data of millions of customers from US retailer Target and other big companies, a report said on Tuesday.

A survey by BAE Systems Applied Intelligence of senior IT officials in companies ranging from banks to mining, technology and law showed US firms already spending 15 per cent of their entire IT budgets on improving security. The number looked set to rise.

In the United States, 60 per cent of those surveyed said their cyber security budget would increase as a direct result of recent high-profile attacks. That compared to 49 per cent in Britain, 54 per cent in Canada and 64 per cent in Australia.

Between November 27 and December 14, US retailer Target lost details of some 40 million credit and debit card numbers and 70 million customer details to hackers.

Many other firms including banks have also had data stolen either by employees or those who broke into their system from outside.

"New technologies, changing business practices and an increasing reliance on inter-connected critical systems and infrastructure are all increasing our vulnerability to attack," the report said.

"It will be those organisations that truly integrate security intelligence into their operations that will reap the benefits and deliver business growth."

Formerly known as Detica, BAE Systems Applied Intelligence is the cyber arm of the British defence company.

More than 80 per cent of those surveyed expected the number of cyber attacks to rise. Loss of customer data was by far the greatest concern, followed by the loss of trade secrets, reputational damage and interruption of service.

In the United States, 29 per cent of respondents estimated a successful cyber attack could cost their organisations more than US$75 million (S$95 million). Almost half said it could cost more than US$15 million.

The assessment of threat varied somewhat by region and industry, the report said. US firms believed intellectual property that was the second greatest threat to their networks after professional fraudsters while in Britain that place was held by activists, and in Australia by "hobbyist" amateur hackers.