Data Theft: A $1 Billion Problem for Business?

Businesses risk losing over $1 trillion from loss or theft of data and other cybercrime, according to a study released on Thursday by security technology firm McAfee.

The California-based company launched the survey after detecting a rapid acceleration of malicious software, or "malware," last year, CEO David DeWalt said. Malware increased by 400 percent in 2008, he said.

"This was a very insidious type of malware that was designed either to steal your data, steal your identity, steal your money, and in many cases the scale as well as the sophistication was very alarming," DeWalt said in an interview at the meeting of the World Economic Forum in Davos, Switzerland.

The survey of 800 companies in 8 countries showed that 80 percent of malware aimed to make a financial gain, in contrast to traditional viruses and worms which just had nuisance value.

In the survey, 42 percent of companies said that laid-off employees were the single biggest threat to their data security.

The increase in the availability and power of removable storage, such as mobile phones, laptops, and USB sticks, has made data loss or theft easier. And global supply chains mean that sensitive data is often stored abroad.

DeWalt said the survey showed that the average company has $12 million of data stored outside its home country–often in countries with little intellectual property law.

Data lost accidentally or through theft can be expensive to replace or damaging to a company’s reputation or brand.

In April last year, discount retailer TJX said it would pay up to $24 million as part of a settlement with MasterCard over a security breach that put credit card data for tens of millions of shoppers at risk.

The British government has been repeatedly embarrassed by losses of data, such as when the tax authority, HM Revenue and Customs, lost data on 25 million people exposing them to the risk of identity theft and fraud.

Back to CIO Insight