Almost half of information technology professionals believe there will be a
major Internet attack on U.S. businesses in the next year, an event for which
they believe corporations are unprepared, according to a survey released
The Business Software Alliance's survey found that 47 percent of corporate network administrators believe that U.S. businesses will be attacked in the next year, compared with 19 percent who believe that such an attack would not occur. Moreover, only 19 percent believe their company was ready for such an attack, while 45 percent thought their company was unprepared.
"The results are not encouraging," said Robert Holleyman, president and CEO of the BSA. "This substantially involves more than intrusions into Web sites."
It's the second survey in two months to conclude that there were network vulnerabilities. A study published by the software business lobbying group last month indicated that IT pros believed government computers were at risk as well. Together, the reports form a core part of a BSA initiative supporting the passage of legislation to create, among other things, the Department of Homeland Security proposed by President Bush and an exemption from the Freedom of Information Act for companies that report intrusions.
"There needs to be incentives for businesses to release information about intrusions," he said, adding that the BSA supports the FOIA language in a House bill. "I think companies want to do the right thing."
About two-thirds of the IT professionals said they believed that businesses risk a major cyberattack in the future, and more than half said that danger has increased since the Sept. 11 terrorist attacks.
U.S. Rep. Billy Tauzin, R-La., chairman of the House Energy and Commerce Committee and a vocal supporter of the Department of Homeland Security, said that legislators have only recently become aware of the dangers of computer attacks.
"Thanks for scaring us with this; we need to be more sensitive," he said.
The newest survey, which polled more than 600 information technology professionals and 1,000 American adults, found that two-thirds of IT pros said there was a gap between the reality of an attack and companies' ability to defend.
"This is absolutely critical," Holleyman said. "Cybersecurity needs to be a top priority."
Tauzin said the report was timely because of a vote that is scheduled in the House of Representatives on Department of Homeland Security.
"This report is a wake-up call to the private sector," Tauzin said. "They have as much to worry about as the public sector."