IMPACTS OF IT SECURITY INCIDENTS OR BREACHES

Businesses which reported an IT security incident or breach were asked about the resulting consequences. The impact most commonly experienced was downtime of service (60%), followed by corruption of hardware or software (48%) and loss of staff productivity (44%).

Impact of IT security incident or breach, by employment size(a)(b), 2007 - 08
	0-4 persons	5-19 persons	20-199 persons	200 or more persons	Total
	%	%	%	%	%
Corruption of hardware or software	47.3	46.9	^55.0	^33.5	48.0
Corruption or loss of data	30.7	31.8	^40.7	18.9	32.2
Downtime of service	58.0	63.0	^59.8	^65.4	60.0
Website defacement	4.8	5.9	8.4	2.5	5.6
Theft or loss of hardware	2.3	4.2	9.3	^23.7	4.0
Theft of business, confidential or proprietary information	3.4	6.0	1.7	^14.8	4.2
Loss of income	9.9	17.1	4.4	2.5	11.6
Loss of staff productivity	33.6	56.9	^51.4	^43.0	43.9
No impact	14.0	6.0	5.4	5.9	10.1
^ estimate has a relative standard error of 10% to less than 25% and should be used with caution
(a) Proportions are of all businesses that experienced an IT security incident or breach in each employment size category.
(b) Businesses could identify more than one option.

By employment size group, for those who reported an IT security incident or breach, downtime of service was highest across each employment group; from 58% of businesses with 0-4 persons employed to 65% for those employing 200 or more persons. Businesses with 200 or more persons employed reported theft or loss of hardware (24%) at twelve times the rate for businesses with 0-4 persons employed.

At the industry level, loss of staff productivity from an IT security incident or breach was most prevalent in Health care and social assistance (64%). An IT security incident or breach resulting in downtime of service was most likely to be experienced by businesses in Wholesale trade (69%).

Previous Page

Next Page