New research suggests that incidents of economic crime – including cybercrime – are on the rise in Australia, highlighting the need to invest in information security training for your IT team.
Consulting group PwC recently released the Australian edition of its '2014 Global Economic Crime Survey', which drew attention to the rising number of professional misdemeanours such as procurement fraud and cybercrime. Of particular concern was that criminals are increasingly using IT as an avenue through which to attack businesses.
And if figures published by PwC are to believed, being the victim of a corporate cyber attack can be costly indeed.
In the 2014 edition of the survey, cybercrime was identified as the second biggest economic crime threat around the world, behind asset misappropriation in first place and ahead of procurement fraud. According to PwC, one in 10 organisations in Australia suffered losses of more than AUD$1 million from cybercrime within the last two years.
Almost half (43 per cent) of respondents said that if they were the victim of a cyber attack, the theft or loss of personal identifiable information would be their main concern.
The rise of economic crime, whether of a cyber nature or otherwise, does not appear to be abating any time soon. PwC revealed that well over half (57 per cent) of Australian businesses experienced economic crime at some point in the last 24 months – an increase from the 45 per cent recorded in the 2012 survey.
Richard Bergman, a partner at PwC, said it was encouraging to see the entire organisation – not just the IT department – taking cybercrime seriously.
"Cybercrime is not just an IT issue. Recent high profile data breaches such as the US Target breach have increased the level of awareness and concern among senior management and the board," he said.
"Information is valuable and attackers are determined to get it. Many of the attacks we've recently investigated have targeted merger and acquisition information, and what surprises many organisations is how long attackers are inside their networks before the attack occurs."