computerwoche.de

Archiv

Hong Kong network security better in 2004, finds study

04.04.2005
Von Sheila Lam

A recent annual Hong Kong security survey showed that increased adoption of firewalls by local companies is having an impact, as the number of companies reporting hacking woes dropped sharply in 2004.

The annual survey was initiated by the Hong Kong Productivity Council (HKPC) and jointly conducted with the Office of GIO (OGCIO), the HKCERT and the Hong Kong Police Force, and interviewed 3,000 locally registered companies in November and December of 2004. The survey covered the types of computer attacks and their impact year-on-year from 2003, as well as actions taken and technologies adopted.

The survey indicated a rise in the number of companies adopting firewalls of 20 percentage points (from 45 percent in 2003 to 65 percent in 2004). Conversely, the number of companies suffered from hacking dropped to 5.5 percent last year compared to 13.5 percent in 2003.

Nevertheless, hacking remains the third most prevalent type of computer attack. Computer viruses topped the list, with 94.5 percent of companies indicating viral encounters, followed by "denial of service" (21 percent).

"The awareness of information security among local companies has generally improved over the past year," said KT Yung, general manager (information technology industry development) of HKPC. "Companies not using any security technologies have dropped from 10 percent in 2003 to 3.6 percent in 2004."

The percentage of companies reaching the advanced security level -- meaning companies that have adopted security measures beyond antivirus software, passwords, physical security and firewalls--also increased from 17.4 percent to 21.3 percent year-on-year.

The survey also found the total number of recorded incidents dropped by 8.3 percent, from 943 in 2003 to 865 incidents last year. The magnitude of financial loss also declined to HK$853,150 (US$110,226), 30 percent down from HK$1.22 million in 2003.

"This is an indication that companies have reaped the benefits of their preventive measures and have minimized the impact of attacks," said Yung.

Regarding security management, 62.6 percent of respondents said they regularly apply security patches and 37 percent of the companies employ full-time and part-time staff to handle information security issues. The number of companies implementing an information security policy also increased slightly by one percentage point, according to the survey.