Firms see rise in hacking, leaks

Nearly 80 percent of the world's companies believe they face increasing external information security threats such as hacker attacks and vicious competition, while their safety capabilities have fallen far behind the climbing risk level, according to an Ernst & Young (EY) report released Tuesday.

The company surveyed 1,836 companies, including around 100 from the Chinese mainland, and found that 77 percent of organizations have noticed escalating external threats, with 46 percent having faced leaks of information by their own employees in 2012.

"Implementing information security transformation to close the ever-growing gap between vulnerability and security does not require complex technology solutions. Rather, it requires leadership, as well as the commitment, capacity and courage to act - not a year or two from now, but today," said Keith Yuen, EY Greater China Advisory partner.

While cloud computing raises companies' cost efficiency level, it could increase the risk of information leakage, said Lin Yumin, EY Greater China Advisory director.

"Cloud computing adoption has doubled from 2010 to 2012, but 38 percent of respondents indicated that they have not taken measures to mitigate the risks," Lin said.

Other factors that are threatening companies' information systems include the use of mobile devices such as smartphones and tablet computers, as well as the increasing number of employees who use social media to share information.

"The results reveal an explosion of internal and external information exchange, making related security controls more problematic," Lin said.

The report also shows that 62 percent of companies said that a limited budget is the major hurdle that is preventing them from establishing information security policies, and 43 percent said that they need skilled labor in security management for them to reach their safety goals.

Yuen said that financial institutions and banks are the most frequent targets of external attacks, and firms that operate in the high-tech industry and hold valuable research data may see their employees selling their information.

Ji Chendong, an industry analyst with consultancy Frost & Sullivan, told the Global Times Tuesday that while Chinese companies also face limited budgets and a shortage of talent, the fact that they lack the awareness to set up information security systems is the biggest problem.

"Western companies usually have chief information officers to handle information security issues, but most Chinese firms do not have that position," he said.

"Chinese companies are more interested in investing in machinery and financial projects that could give them an instant boost in profitability, and ignore the long-term benefits a safe information system would bring," Ji noted.