A Quarter of Companies Fear Major Security Breaches Could Cost Customers Their Lives

Survey finds even commercial enterprises have to worry about life and death issues if they suffer a major security breach 

San Mateo (US) and London (UK), May 29 2012 – Over a quarter of companies believe that if their sites go down or they suffer a major security breach it could potentially cost customers’ their lives. That’s according to a survey released today by AlienVault, the security management experts who conducted a survey amongst 300 IT security experts – with the majority polled from some of the biggest companies in Europe, including many public sector organisations.

Chinese are most feared for snooping!

When asked who they most feared would violate their privacy, the answer was overwhelmingly the Chinese, with 40% of respondents admitting this was the country that worried them the most. The U.S. government and Russians tied at 13%; and the UK government trailed slightly at 12%. Aliens and Israeli’s came out at 4% each. Just 5% felt confident enough to claim they were not worried about anyone violating their privacy. (See footnotes[1], [2], [3] for links to relevant blog entries on this topic.)

While the alien response might be considered tongue in cheek, the fact that as a nation the UK has concerns of being victim to other governments ‘spying’ is indicative of the prevalence of such practices. In fact, while the UK government is prohibited from breaching the privacy of its own citizens (although some headlines suggest the practice not only exists but is rife), it’s perfectly legal for the U.S. to snoop on us and sell the information back to our authorities.

Barmak Meftah, CEO and president of AlienVault, explained the relevance of these findings, “We know that if a government site or a national critical infrastructure is hacked it will cost lives, but it’s the impact for private companies that is all too often ignored. If a commercial enterprise holds personal information about people’s private lives, it could prove critical—even a matter of life or death. For example, recently a dating site was hacked and the implications to its members are potentially huge. The risk of individuals becoming victims to stalking, if that was the intention of the hacker in this case, is just one illustration, but the severity is ultimately dependant on who is behind the attack.”

Inside Staff a bigger threat than hackers!

However, the insider threat is still the largest factor facing organisations today. Seventy-one percent of the people surveyed worry that it’s their own staff who pose the biggest threat to their data. This far outweighs that of hackers (28%), consultants and other third parties (7%), and just 5% cited the government.

When looking at ways to improve security, 83% believe the open source community could collaborate better. This is exactly the premise behind AlienVault – it grew out of the open source community. Barmak concludes, “We launched the AlienVault Open Threat Exchange recently to encourage security information sharing across both our open source users and commercial customers. We recognise that the way to beat the hackers is to facilitate collaboration among all members of the security community. But the talents and inputs of the open source community, in particular, are critical. They are on the front lines of innovation and represent an incredibly diverse universe of organizations and geographies. Encouraging them to collaborate even more will be essential to staying ahead of the ever-evolving threat landscape.”

About the Survey

The survey was conducted amongst 300 IT professionals at Infosecurity Europe in April 2012. See graphs of the survey data here.