It's time to make serious strides towards protecting employees, assets, access and the corporate brand.
Use of the internet for core business activities keeps surging - at a time of global unrest, rising computer crime and network independence. Everywhere we look, new technologies are emerging to feed our seemingly relentless appetite for the new; yet every new technology brings with it new security vulnerabilities.
Small wonder a growing number of analysts and computer security experts are urging us to consider whether we might not, one day soon, finally run out of luck.
It is not as if the warning signs have not been there. The distributed denial of service (DDOS) attacks that crippled Internet leaders over recent years cost giants like Yahoo!, eBay and E*Trade millions of dollars in lost revenues, and even brought down one of the UK's largest Internet service providers (ISPs). And each year the situation worsens, with business's growing dependence on Internet security seemingly an irresistible temptation for those with malicious intent. Disruptive Internet agents such as viruses, spyware, hacker attacks, denial-of-service attacks, attacks on e-mail and Web systems as well as company data and applications have continued to grow.
Yet business's growing dependence on the Internet means every point on every value chain now demands 24x7 applications and data at the ready, as the Internet increases demands of seamless information availability and up-to-the-minute data accuracy. When customers cannot obtain service and transact sales because the information cannot be accessed, systems are down and networks are not available, it is not just online sales that suffer. The brand name is diminished, goodwill goes out the window - and if customer data has also been lost, customers will likely never trust that firm again.
So industry observers and pundits like Aberdeen and Gartner are sounding the alarm bell on the tendency for business to remain far too complacent about the very real risks ahead.
Aberdeen Group reveals Internet-based core business disruptions set off by worms and viruses are costing companies an average of nearly $US2 million in lost revenue per incident, compared to an average cost of just $US74,000 per incident to recover systems and networks to resume normal business operations. Such Internet business disruptions do not just hit e-commerce, but retail, wholesale, manufacturing, government, utility, financial, health-care and other industry sectors equally. Aberdeen puts the median annual revenue loss rate between $US6700 for a $US10 million company to $US20.1 million for a Global 5000 company with $US30 billion revenue.
Customer sales and service functions are just the start of it, with the research showing marked increases in the use of the Internet for other core business functions, including procurement, sourcing, distribution and fulfilment. "Increasing usage of the Internet for these core business functions means that business disruptions from Internet security can seriously impact a company's revenue," Aberdeen analyst Jim Hurley says.
Aberdeen reports most businesses are worried that their operations are exposed to Internet-based threats. For instance, 80 percent of survey respondents indicated that they are worried about network outages, 86 percent are worried about Internet security threats, 84 percent are worried about compromised IT systems, 85 percent are worried about compromises to data integrity, and 71 percent are worried about human errors that may lead to Internet business disruptions.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.