Study Says Security Breaches Getting Worse

It's funny: There hasn't been a severe computer virus outbreak (serious enough to grab national headlines) for about three years. But maybe the virus world slowing down has caused security pros to rest on their laurels: Viruses may not be so bad for now, but outright security breaches (through hacking or other exploits) are apparently getting worse.

A study from industry group CompTIA and market research company TNS has found that, while the overall number of security breaches has remained about the same, the severity of those breaches has become considerably worse in 2007. On a scale of 1 to 10, IT managers reported that security breach severity ranked a mere 2.3 in 2005 and a 2.6 in 2006. But this year that number has jumped up to a 4.8, a significant increase in how badly these breaches have impacted their companies.

The average cost of a security breach was measured at about $369,000, with employee productivity reduction, server downtime, and revenue-generating activity impairment comprising the bulk of the cost breakdown. Also of interest: One in four breaches originated from within the company rather than from an external hacker.

The full study should be available from CompTIA's website in the near future along with additional insights. Meanwhile, if you're a business owner, consider investing more in network intrusion prevention and detection tools rather just than the usual antivirus software.