Cyber Attacks: Preliminary Evidence from the Bank of Italy's Business Surveys

Claudia Biancotti
{"title":"Cyber Attacks: Preliminary Evidence from the Bank of Italy's Business Surveys","authors":"Claudia Biancotti","doi":"10.2139/ssrn.2954991","DOIUrl":null,"url":null,"abstract":"This paper presents preliminary evidence on cyber risk in the Italian private sector based on the Bank of Italy’s annual surveys of Italian industrial and service firms. The information collected, albeit only covering the incidence of cyber attacks and some aspects of security governance, is the first of its kind for Italy. The results are striking: even though a mere 1.5 per cent of businesses do not deploy any cybersecurity measures, 30.3 per cent – corresponding to 35.6 per cent of total employees – report at least some damage from a cyber attack between September 2015 and September 2016. Once data are corrected to account for unwillingness to report or inability to detect attacks on the part of some respondents, these figures climb to 45.2 and 56 per cent respectively, with large, high-tech and internationally exposed businesses faring worse than average. The economy-wide risk level is likely to be higher still; the financial sector, healthcare, education and social care are excluded from the sample, but they are known from other sources to be particularly appealing to attackers. Further research is needed on the correlation between firm-level vulnerability and investment in cyber defence, and on the cost of cyber breaches.","PeriodicalId":294049,"journal":{"name":"ERN: Other European Economics: Microeconomics & Industrial Organization (Topic)","volume":"121 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-02-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"ERN: Other European Economics: Microeconomics & Industrial Organization (Topic)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.2139/ssrn.2954991","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 7

Abstract

This paper presents preliminary evidence on cyber risk in the Italian private sector based on the Bank of Italy’s annual surveys of Italian industrial and service firms. The information collected, albeit only covering the incidence of cyber attacks and some aspects of security governance, is the first of its kind for Italy. The results are striking: even though a mere 1.5 per cent of businesses do not deploy any cybersecurity measures, 30.3 per cent – corresponding to 35.6 per cent of total employees – report at least some damage from a cyber attack between September 2015 and September 2016. Once data are corrected to account for unwillingness to report or inability to detect attacks on the part of some respondents, these figures climb to 45.2 and 56 per cent respectively, with large, high-tech and internationally exposed businesses faring worse than average. The economy-wide risk level is likely to be higher still; the financial sector, healthcare, education and social care are excluded from the sample, but they are known from other sources to be particularly appealing to attackers. Further research is needed on the correlation between firm-level vulnerability and investment in cyber defence, and on the cost of cyber breaches.
网络攻击:意大利银行商业调查的初步证据
本文根据意大利银行对意大利工业和服务公司的年度调查,提出了意大利私营部门网络风险的初步证据。所收集的信息,尽管只涉及网络攻击的发生率和安全治理的某些方面,但这是意大利首次收集此类信息。调查结果令人震惊:尽管只有1.5%的企业没有部署任何网络安全措施,但30.3%的企业(相当于总员工的35.6%)报告称,在2015年9月至2016年9月期间,至少遭受过一些网络攻击的损害。一旦对数据进行修正,考虑到一些受访者不愿报告或无法检测到攻击,这些数字分别攀升至45.2%和56%,大型、高科技和国际化企业的情况比平均水平更糟。整个经济的风险水平可能还会更高;金融部门、医疗保健、教育和社会保健被排除在样本之外,但从其他来源得知,它们对攻击者特别有吸引力。需要进一步研究企业层面的脆弱性与网络防御投资之间的关系,以及网络入侵的成本。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信