Online attacks on firms worldwide up by 48%, employees most likely the culprits: Survey

SINGAPORE - At least one online attack is launched on a company worldwide every second, and former and current employees are the most likely culprits, said an annual global information security survey by audit giant PwC.

According to the global survey of more than 9,700 respondents, more than 40 million security incidents were reported so far in 2014, an increase of 48 per cent compared to the previous year.

Another key finding was that former and current employees are most likely to be culprits of security breaches. Yet "key insider-threat safeguards" are declining, said the Global State of Information Security Survey - the largest scale of its kind.

Fewer companies reported having security programmes for their employees this year and the number of checks on the companies they have outsourced work to has gone down too.

Budgets to combat the rising number of attacks has also decreased, by about 4 per cent, though this was because companies reported "very significant increases over 2012", said Mr Jimmy Sng, a partner at PwC, at a media briefing on Wednesday.

That year, investments in information technology expanded by 40 per cent and security spending increased by 51 per cent.

It is difficult to keep with such these high figures, added Mr Sng.

Companies with revenues less than US$100 million (S$127 million) said they reduced security investments by 20 per cent over the past year, and medium and large companies reported a 5 per cent increase in security spending.

This is the 17th year that PwC has conducted this online survey.

awcw@sph.com.sg