How to Leverage the Explosion in Internet Security Problems

By Geoffrey James

Internet security will be one of the biggest areas of software spending over the next few years, according to the market research firm Gartner. That’s great news if your software has any features that improve security, provided you move quickly to get plugged into your customers’ future spending plans. Here’s what you need to know to take advantage of this extraordinary opportunity.

According to an extensive study recently released by IBM, virus-laden emails and criminal-driven security attacks increased by 50% in the first half of 2005 over the previous year. This enormous increase represented a major growth in targeted attacks against specific organizations and industries for the purpose of stealing critical data, such as identities, or extorting money. These customized, for-profit attacks have been direct predominantly at government agencies, financial services companies, healthcare organizations and large multinational corporations, particularly within the aerospace, petroleum and manufacturing industries. If you have customers in these segments, take note!

According to the report there were more than 237 million overall security attacks in the first half of the year. The government was the most targeted industry, with more than 54 million attacks, while manufacturing ranked second with 36 million attacks, financial services was third with approximately 34 million and healthcare was hit with more than 17 million attacks. In other words, your customers, regardless of their industry, are under major attack.

IBM also saw a resurgence of targeted phishing attacks for money laundering and identity fraud purposes by criminal gangs that have become more astute in the creation and delivery of such attacks. There were more than 35 million phishing attacks launched to steal critical data and personal information for financial gain. More importantly for software sales is the rise in what’s called spear phishing, which consists of highly targeted and coordinated attacks on a specific organization or individual that are designed to extract critical data.

Unlike in previous years, when viruses were created and launched mainly to slow down and cripple IT systems, these types of customized attacks have shown their potential to defraud businesses, steal identities and intellectual property, and extort money while damaging companies’ brands and eroding customers’ trust. Here’s some hard data that will scare the pants off your IT customers:

– One in every 28 emails includes a virus as of June 2005.
– One in every 56 emails is an attempt at spear phishing.
– The United States is the source of the most attacks.
– Attacks are more common on Fridays and Sundays, when IT is least wary.

If you sell software that can improve security at your customers’ sites in any way whatsoever, now is the time to make a special security-oriented sales call on your customer base, especially those in government agencies, financial services companies, healthcare organizations and large multinational corporations. While the security situation no doubt will worsen with time, the perception of the problem and the need to do something about it is peaking inside IT groups. Six months from now they’ll already have a strategy in place that may or may not include your software. The time to move on this is today.