Companies lose £21bn a year to cyber crime

While China battles with an internet crime wave that even its government must recognise, data theft is a key concern for European risk managers

C omputer crimes (aka cyber risks) are a major concern in China. It’s at the point where an official report from the Chinese authorities (which are not known for their transparency) has stated that cyber crime is growing and is being taken seriously.

“Online fraud, online theft and other forms of crime that encroach on the property of others are increasing rapidly,” said the government white paper The Internet in China. “Crimes such as producing and spreading computer viruses, and computer and network hacking are increasing.”

But China is not the only country with a serious internet security problem (see Risk Atlas, page 28). A recent report from Detica, commissioned by the UK government, estimated that cyber crime costs the UK economy £27bn (€30.5bn) a year. The lion’s share of this figure (£21bn) is stolen from the private sector. It’s unsurprising that recent research by StrategicRISK, which involved in-depth interviews with 30 leading European risk managers, highlighted cyber crime as one of the interviewees’ biggest concerns.

Those companies that rely on the internet to do business are most vulnerable to cyber attacks by criminals, competitors or disenchanted employees. Intellectual property theft or industrial espionage – which Detica says costs UK businesses £9bn a year – is also a big worry for risk managers.

“We put a great deal of effort into security, training and communication about information leaks, because much of the value of our business is tied up in knowledge – and it’s not the kind of knowledge you can put patents or copyrights on,” one risk manager told StrategicRISK.

Risk managers recognise that data theft is not purely an IT issue. It’s clearly necessary to monitor the people handling the information, including those joining and leaving an organisation. Yet several risk managers admit that their security systems are not up to scratch.

As one risk manager puts it: “The biggest possible source of leakage of information walks out of your offices and factories every day – it’s your people.”