Cyber crime is now the third most common type of economic crime in the UK.
According to a survey of almost 4,000 organisations by PwC, cyber crime is taking over from some of the more conventional types of fraud and corruption.
William Beer, director of cyber security services at PwC, said: “Organisations face serious threats from cyber criminals from within as well as outside. It is clear that senior executives need to take these risks more seriously. Almost four in ten respondents say their organisation doesn't have the capability to prevent and detect cyber crime.
“On top of this, we've discovered that organisations might not be clear about exactly what cyber crime is, whom it affects and what they need to do to protect themselves.”
Just under half (46 per cent) of UK respondents perceived cyber crime as an external threat, assuming it originates from places such as China, India, Nigeria, Russia and the US. However, the survey suggested that the perception of cyber crime is changing and that organisations are now recognising the risk of cyber crime coming from inside.
“Reputational damage strikes an organisation at its core. The effects can seriously damage the perception of a brand, leading to loss of market share. As society becomes less tolerant of unethical conduct, businesses need to ensure they place a premium on building public trust,” said Beer.
The majority of UK respondents reported fraud coming from outside their organisation, while over a third found their own employees were responsible for the largest frauds. More than half (51 per cent) of UK respondents reported at least one instance of economic crime in the past 12 months, compared with the global figure of 34 per cent. Nearly a quarter of UK respondents said they had experienced more than 10 incidents of economic crime over the past year.
Tony Parton, forensics partner at PwC, said: “The fact that 26 per cent of those who experienced an economic crime in the past 12 months reported a cyber crime is particularly alarming.
“This is a dramatic finding and marks the promotion of cyber crime to the premier league of fraud. As well as direct financial costs, there are other commercial consequences of cyber crime, such as reputational/brand damage, poor employee morale or service disruption.
“During a downturn, the ‘corporate core' of an organisation tends to be hit the hardest, with severe resource cutbacks in areas that are the first- and second-line defences against fraud, such as internal audits. Under-staffing and increased workloads might mean that internal fraud is going undetected, or that those completing our survey aren't finding out about it.”