Network downtime from security attacks proves costly

By Andrew R. Hickey, Senior News Writer 14 Mar 2007 | SearchNetworking.com

News on networking, mobility and voice Digg This!     StumbleUpon     Del.icio.us

According to the study, "The Costs of Network Security Attacks: North America 2007," large organizations are losing an average of 2.2% of their annual revenue because of security attacks. That may sound relatively small, but when coupled with the extra few percentage points of revenue companies lose to non-security related downtime, the loss is much higher.

Large companies take the biggest hit from security-related downtime, but results show that small and midsized businesses (SMBs) stand to lose about half a percent of their annual revenue to security-related downtime, which can translate to hundreds of thousands of dollars annually.

According to Jeff Wilson, Infonetics' principal analyst, SMBs oftentimes lack the tools and processes to accurately track their downtime. If those tools were in place, Wilson suggests, the total loss of revenue would most likely be significantly higher than the Infonetics study indicates, though it would still fall short of the losses large organizations suffer.

"The point is, they are only reporting to us what they know about," Wilson said. "There are targeted security solutions available for organizations of every size, and I think once they see just how much money they're losing due to security attack downtime, they'll be more interested in making special investments to put a stop to it."

The amount of money lost includes both revenue lost because of slow or non-working systems and also lost productivity when systems are functioning properly.

Wilson said that more than half of the security-related downtime cost for all organizations is due to service degradation, not outright outages, and much of that is considered "hidden downtime," since service degradation often goes unreported.

"In both network and security downtime, a lot is lost to degradation or poor performance," he said. "That's one of those hidden costs."

But those losses can be controlled if users are encouraged to report poor performance, or tools are deployed to monitor the network.

"Many organizations have a hard time closely tracking downtime caused by service degradation because they don't have the proper network management tools to observe and quantify service degradations," the study concludes.

For more information Check out our network security learning guide Read our story on Network Hacking for Dummies

Companies need to weigh the amount of revenue they stand to lose versus how much it would cost to deploy the tools needed to keep the network up and running, Wilson said. Essentially, companies have to weigh loss and spending. If a company is losing $1 million to security-related downtime and could invest $50,000 to chop it in half, the investment would be worthwhile, he said.

"Companies need to look at: What are third-party pressures? What is your risk of loss? And what are your downtime pictures?" Wilson suggested, adding that companies need to "keep track of what they lose and make incremental security investments based on that."

Midsized organizations are most vexed by client malware, while large organizations are hit more by DOS attacks and server malware. Small organizations, on the other hand, suffer fairly evenly from all three attack sources: client malware, DOS attacks and server malware.

Spyware has become a major problem for SMBs, Wilson said. At midsized organizations, a massive 40% of all security-related downtime costs come from spyware alone. That, he said, is caused mostly by lack of acceptable-use policies and lack of tools to protect on the client side.

According to Infonetics, the study was conducted to learn the causes and calculate the cost of security attack downtime, while examining productivity versus revenue losses, outages versus degradations, attack types (such as DOS attacks and client and server malware), and the specific attacks that are most troublesome. The results were tallied from interviews with 240 small, midsized and large companies in North America. Respondents were asked to report the number and duration of outages and service degradations caused by security attacks, annual company revenue and other metrics. Infonetics took that data and used its cost analyzer tools to calculate lost revenue and productivity.

Overall, Wilson said, companies are faring pretty well against security downtime, since the percentage is still relatively low. For large companies, which already have IDS/IPS, firewalls and client security tools in place, the loss incurred may just be the cost of doing business.

"For the most part," he said, "they're doing everything they can right now."

Tags: Network Security Monitoring and Analysis,  Network Performance Management,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Network Security Monitoring and Analysis Where can I find a sample security audit report? How can I run my own? The firewall remains the network traffic cop, but its role is changing Troubleshooting VLANs: How to monitor 802.1q tagged traffic Poor data-loss prevention practices almost cost Intel a billion How can I block my competitor's IP address range from my website? Hospital gains network visibility by convincing vendors to collaborate What software monitors and locks users from accessing my router? Data leak prevention starts with trusting your users NagVis -- 'Nagios: System and Network Monitoring, Second Edition,' Chapter 18 What is a genetic algorithm and where can I learn more about them online? Network Performance Management Virtualization: The next generation of application delivery challenges New skills emerge for network engineering and administration careers Improving the performance of Web traffic and application delivery Network performance management evolution: Involving other IT domains Formula for proper bandwidth utilization on a T1 line The link between network management and application delivery IT automation, automated network management becoming essential Network management and monitoring market remains crowded, fragmented Network configuration flaws block server access and wireless printing Xangati help desk 'DVR' feature speeds up trouble ticketing resolution

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary deep packet inspection (DPI)  (SearchNetworking.com) FCAPS  (SearchNetworking.com) Nessus  (SearchNetworking.com) netstat  (SearchNetworking.com) port mirroring  (SearchNetworking.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary