U.S. Survey Reveals Spending Gaps Could Lead to a Future Dark Ages

What would be the cost of upgrading your company’s cyber security capabilities? A better question is: What would be the cost in lost revenues and damaged infrastructure if you didn’t? According to recent estimates, businesses such as banks, utilities and telecommunications spend, on average, $5.3 billion annually to protect themselves against cyber attack, and that is only against 69% of the threats out there. If they were to institute enough cyber security to protect themselves against 95% of cyber attacks, the highest attainable level by some accounts, it would increase their costs ninefold to $46.6 billion per year, according to a recent report by www.bloomberg.com.

If left unchecked, potential cyber attacks could literally put the U.S. into a Dark Age. So the ramifications of not protecting our vital infrastructure far outweigh the costs of implementing better protections — a fact that is not lost on politicians in Washington, DC. All of this discussion of the need for increased cyber protection for our nation's utilities, banks, and other vital areas that make our country run, has spurred efforts by the U.S. Congress and the president to enact legislation aimed at shielding essential elements of our nation’s infrastructure, such as water-treatment facilities and the national power grid, from harm. And while hardening these systems would require a big investment, the consequences if we don’t invest could be devastating.

The survey, the first of its kind to attach a price tag to cyber security, was garnered from responses of a mixture of 172 companies and governmental agencies. To help facilitate responses and alleviate security concerns, survey respondents were granted anonymity.

Spurred by such recent high-profile breaches as those against the Sony Corporation and Citigroup Inc., legislation is scheduled to be brought before the congress in mid-February. The bill in question is akin to a proposal from the Obama Administration in May 2011 that called for identification of critical infrastructure by the Department of Homeland Security and the development of cyber security standards to help protect this infrastructure.

For more information about U.S. cyber security and future investment in preventing cyber attacks, visit: http://www.bloomberg.com/news/2012-01-31/cybersecurity-disaster-seen-in-u-s-survey-citing-spending-gaps.html