SYS-CON MEDIA Authors: Elizabeth White, Sean Houghton, Glenn Rossman, Ignacio M. Llorente, Xenia von Wedel

News Feed Item

BAE Systems Applied Intelligence Reveals That 60% of US Businesses Have Increased Cyber Security Spend Following Recent Wave of Cyber Attacks on Target and Other Organizations

BAE Systems Applied Intelligence today quantifies the extent of the impact on US businesses of the wave of recent high-profile cyber attacks in December 2013 and January 2014. New research conducted this month reveals that the attacks on international businesses, including banks and retail giants such as Target, led to a significant 60% of US businesses surveyed increasing their cyber security budget. Of those businesses planning to increase their cyber security budget over the next 12 months, a resounding 78% cited the recent attacks as having a significant influence on their decision.

The international research also found that 53% of US companies surveyed now regard the threat from cyber attacks as one of their top three business risks, mirroring the recent warning from the World Economic Forum that cyber attacks are among the 5 biggest threats facing the world in 2014.1 The research details business concerns and opinion around cyber and indicates a strong demand from major global companies for greater intelligence about the nature of new cyber threats and a better understanding of business vulnerability.

The new findings come as BAE Systems Applied Intelligence releases “Business and the Cyber Threat: the rise of Digital Criminality”, which found that the majority of US respondents (82%) expected the number of targeted cyber attacks to increase over the next two years.2 It was immediately striking that organized groups of fraudsters were identified by the highest number of respondents in both the US (52%) and across the survey group as a whole (55%), as the group considered most likely to mount attacks. This would seem to point to a concern around the potential damage of cyber-enabled fraud attacks of precisely the nature experienced by Target and others.

The research also showed that businesses believe that their increasing exposure to cyber threats, caused by new ways of working, poses a risk as they adapt business practices to keep pace with the hyper-connected world. For example, 72% of North American respondents thought the cyber risk posed by mobile technologies was a significant risk but only 61% were confident they understood the risks.3

Faced with these challenges, it was alarming to note that a significant proportion of respondents - around a third (31% in the US and 30% globally) - still did not believe that their Board of Directors fully understood the risks presented by cyber. To investigate further, the research then explored which tools respondents believed would help their Boards to take greater action to prevent cyber attacks. Having a clearer understanding of vulnerabilities (advocated by 53% of respondents in the US and 50% overall) and having intelligence about upcoming threats (44% in the US and 47% overall) proved the most popular responses.

Martin Sutherland, Managing Director, BAE Systems Applied Intelligence, said:

“What this research clearly shows is that US businesses are increasingly aware of the cyber threat and have a range of counter measures in place. However, digital crime as a whole - a dangerous combination of organized groups of criminals using cyber techniques to carry out financial crime - is also a major concern, particularly since the most recent wave of high-profile attacks.

“And as the number of avenues open to criminals in a hyper-connected world increases, we are seeing a genuine hunger from businesses for a clearer understanding of their own vulnerabilities and up to the minute cyber threat intelligence.”

Further US findings:

  • Cost: 29% of respondents estimated a successful cyber attack would cost their organization more than US$75 million, a further 20% said more than US$15 million.
  • Cause of attacks: The group identified as most likely to mount target attacks by the highest number of US respondents was organized groups of fraudsters (55% of respondents). Americans were more concerned about those involved in industrial espionage than any other market (47% compared to 40% in Canada, 37% in the UK and 35% in Australia).
  • Concern: When asked what they would be most concerned about in the event of a successful attack, the most common response in the US was loss of customer data (61%). The second ranking concern amongst US respondents was theft of intellectual property – with Americans noticeably more concerned about IP theft than other markets (47% or respondents compared to 38% in Canada, 35% in the UK, and 43% in Australia).
  • Confidence: A substantial majority (88%) were confident in their organization’s ability to prevent targeted cyber attacks. A smaller, but still large majority (77%), were confident in their sector’s ability to prevent attacks.
  • Crisis Plans: 28% of US organizations surveyed still did not have, or were unaware of, crisis plans in the event of a cyber attack on their company. Of those respondents who did have crisis plans, 56% thought these were well publicized. In Canada 70% of those surveyed said they had crisis plans, but only 37% of those with plans said they were well publicized.
  • Convergence: Of those respondents who had encountered cyber-enabled fraud, 55% of US respondents and 50% of Canadian respondents expect cyber to play an increasing role in financial fraud.

Martin Sutherland, Managing Director, BAE Systems Applied Intelligence, continued:

“The recent attacks demonstrate that there is no ‘silver bullet’ and a combination of robust processes, and controls, user awareness and vigilant security operations all have to play a part in protecting the enterprise. However, these approaches are only as good as the information used to implement them.

“In order to adapt to the ever evolving threat landscape, companies will also need to develop holistic threat intelligence management programs supported by security platforms that not only provide the raw intelligence data but also the ability to process and analyze large amounts of complicated information as quickly and clearly as possible.”

BAE Systems Applied Intelligence continues to develop ground breaking analytics tools that enable businesses to make the best possible use of all the threat data and intelligence they receive in order to defend themselves and their customers from digital criminality and keep one step ahead of an increasingly sophisticated group of adversaries.

We will be at stand 2226 in the South Exhibition at RSA 2014, for those visiting the show this year.

The full report can be found at: http://www.baesystems.com/ai/cyberthreat

Notes to editors

  1. From Global Risks 2014, published by the World Economic Forum in January 2014.
  2. Our North American report, “Business and the Cyber Threat: the rise of Digital Criminality”, is based on 350 online interviews conducted by Ipsos MORI with strategic and IT decision makers in private sector companies in the US (300) and Canada (50), carried out online using a business panel in Fall 2013. Participants were drawn from companies with a turnover in excess of US$470 million (Canadian $522 million) from a range of business sectors including Financial Services (Banking and Insurance), Telecoms, Energy, Transportation, Technology, Engineering, Mining, Legal, Media and Pharmaceutical. Additional research conducted with 151 respondents in North America was conducted online in February 2014 among a comparable audience.
  3. This refers to respondents scoring 4 or 5 out of 5, where 5 means ‘Very significant’ or ‘Very confident’ and 1 means ‘Not at all significant’ or ‘Not confident at all’
  4. Please contact us for a copy of the full report, or visit http://www.baesystems.com/ai/cyberthreat

About BAE Systems Applied Intelligence

We deliver solutions which help our clients to protect and enhance their critical assets in the intelligence age. Our intelligent protection solutions combine large-scale data exploitation, ‘intelligence-grade’ security and complex services and solutions integration.

We operate in four key domains of expertise: cyber security, financial crime, communications intelligence and digital transformation.

Leading enterprises and government departments use our solutions to protect and enhance their physical infrastructure, mission-critical systems, valuable intellectual property, corporate information, reputation and customer relationships, competitive advantage and financial success.

Applied Intelligence is part of BAE Systems, a global defense, aerospace and security company with approximately 90,000 employees worldwide. BAE Systems delivers a wide range of products and services for air, land and naval forces, as well as advanced electronics, security, information technology solutions and customer support services. For more information, please visit www.baesystems.com.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
ScriptRock makes GuardRail, a DevOps-ready platform for configuration monitoring. Realizing we were spending way too much time digging up, cataloguing, and tracking machine configurations, we began writing our own scripts and tools to handle what is normally an enormous chore. Then we took the concept a step further, giving it a beautiful interface and making it simple enough for our bosses to understand. We named it GuardRail after its function - to allow businesses to move fast and stay sa...
SYS-CON Media announced today that Sematext launched a popular blog feed on DevOps Journal with over 6,000 story reads over the weekend. DevOps Journal is focused on this critical enterprise IT topic in the world of cloud computing. DevOps Journal brings valuable information to DevOps professionals who are transforming the way enterprise IT is done. Sematext is a globally distributed organization that builds innovative Cloud and On Premises solutions for performance monitoring, alerting an...
SYS-CON Events announced today Isomorphic Software, the global leader in high-end, web-based business applications, will exhibit at SYS-CON's DevOps Summit 2015 New York, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Isomorphic Software is the global leader in high-end, web-based business applications. We develop, market, and support the SmartClient & Smart GWT HTML5/Ajax platform, combining the productivity and performance of traditional desktop software ...
In high-production environments where release cycles are measured in hours or minutes — not days or weeks — there's little room for mistakes and no room for confusion. Everyone has to understand what's happening, in real time, and have the means to do whatever is necessary to keep applications up and running optimally. DevOps is a high-stakes world, but done well, it delivers the agility and performance to significantly impact business competitiveness.
"Our premise is Docker is not enough. That's not a bad thing - we actually love Docker. At ActiveState all our products are based on open source technology and Docker is an up-and-coming piece of open source technology," explained Bart Copeland, President & CEO of ActiveState Software, in this SYS-CON.tv interview at DevOps Summit at Cloud Expo®, held Nov 4-6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
The Internet of Things is not new. Historically, smart businesses have used its basic concept of leveraging data to drive better decision making and have capitalized on those insights to realize additional revenue opportunities. So, what has changed to make the Internet of Things one of the hottest topics in tech? In his session at @ThingsExpo, Chris Gray, Director, Embedded and Internet of Things, discussed the underlying factors that are driving the economics of intelligent systems. Discover ...
"BSQUARE is in the business of selling software solutions for smart connected devices. It's obvious that IoT has moved from being a technology to being a fundamental part of business, and in the last 18 months people have said let's figure out how to do it and let's put some focus on it, " explained Dave Wagstaff, VP & Chief Architect, at BSQUARE Corporation, in this SYS-CON.tv interview at @ThingsExpo, held Nov 4-6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
The major cloud platforms defy a simple, side-by-side analysis. Each of the major IaaS public-cloud platforms offers their own unique strengths and functionality. Options for on-site private cloud are diverse as well, and must be designed and deployed while taking existing legacy architecture and infrastructure into account. Then the reality is that most enterprises are embarking on a hybrid cloud strategy and programs. In this Power Panel at 15th Cloud Expo (http://www.CloudComputingExpo.com...
Verizon Enterprise Solutions is simplifying the cloud-purchasing experience for its clients, with the launch of Verizon Cloud Marketplace, a key foundational component of the company's robust ecosystem of enterprise-class technologies. The online storefront will initially feature pre-built cloud-based services from AppDynamics, Hitachi Data Systems, Juniper Networks, PfSense and Tervela. Available globally to enterprises using Verizon Cloud, Verizon Cloud Marketplace provides a one-stop shop fo...
Leysin American School is an exclusive, private boarding school located in Leysin, Switzerland. Leysin selected an OpenStack-powered, private cloud as a service to manage multiple applications and provide development environments for students across the institution. Seeking to meet rigid data sovereignty and data integrity requirements while offering flexible, on-demand cloud resources to users, Leysin identified OpenStack as the clear choice to round out the school's cloud strategy. Additional...
SYS-CON Events announced today that IDenticard will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. IDenticard™ is the security division of Brady Corp (NYSE: BRC), a $1.5 billion manufacturer of identification products. We have small-company values with the strength and stability of a major corporation. IDenticard offers local sales, support and service to our customers across the United States and Canada...
SYS-CON Media announced today that Aruna Ravichandran, VP of Marketing, Application Performance Management and DevOps at CA Technologies, has joined DevOps Journal’s authors. DevOps Journal is focused on this critical enterprise IT topic in the world of cloud computing. DevOps Journal brings valuable information to DevOps professionals who are transforming the way enterprise IT is done. Aruna's inaugural article "Four Essential Cultural Hacks for DevOps Newbies" discusses how to demonstrate the...
The move in recent years to cloud computing services and architectures has added significant pace to the application development and deployment environment. When enterprise IT can spin up large computing instances in just minutes, developers can also design and deploy in small time frames that were unimaginable a few years ago. The consequent move toward lean, agile, and fast development leads to the need for the development and operations sides to work very closely together. Thus, DevOps become...
SYS-CON Events announced today that Windstream, a leading provider of advanced network and cloud communications, has been named “Silver Sponsor” of SYS-CON's 16th International Cloud Expo®, which will take place on June 9–11, 2015, at the Javits Center in New York, NY. Windstream (Nasdaq: WIN), a FORTUNE 500 and S&P 500 company, is a leading provider of advanced network communications, including cloud computing and managed services, to businesses nationwide. The company also offers broadband, p...
SYS-CON Events announced today that AIC, a leading provider of OEM/ODM server and storage solutions, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. AIC is a leading provider of both standard OTS, off-the-shelf, and OEM/ODM server and storage solutions. With expert in-house design capabilities, validation, manufacturing and production, AIC's broad selection of products are highly flexible and are conf...