Survey: Few companies addressing cyberterrorism

Cyberterrorism has become a growing threat, yet few companies include it in disaster recovery plans or policies and procedures, according to new survey from AFCOM.

Lance Whitney Contributing Writer

Lance Whitney is a freelance technology writer and trainer and a former IT professional. He's written for Time, CNET, PCMag, and several other publications. He's the author of two tech books--one on Windows and another on LinkedIn.

See full bio

Lance Whitney

Oct. 28, 2009 11:16 a.m. PT

2 min read

Cyberterrorism is on the rise around the world. But only one-third of companies are tackling it in their disaster recovery plans, says a survey released Tuesday by data center association AFCOM.

Although the majority (60.9 percent) of companies questioned see cyberterrorism as a threat to be addressed, "AFCOM's 2009/2010 Data Center Trends" survey found that only 24.8 percent have adopted it in their policies and procedures manuals. Further, only 19.7 percent provide cyberterrorism training to their employees.

Around 82 percent do run background checks on new hires. But that still leaves almost 20 percent of all data centers that don't perform security checks on new employees, even those working directly with personal, financial, and even military records, noted AFCOM.

Cyberattacks have made the headlines over the past few years as they've become more widespread.

Last summer, Georgia suffered a series of cyberattacks as several key Web sites went down for more than a week. The small nation blamed forces within Russia for the attacks.

This past July, the U.S. and South Korea were hit with denial-of-service attacks, preventing people from accessing several government Web sites.

The U.S. power grid has been especially vulnerable as utility companies rely more on network-based smart-grid technology to manage it. A Wall Street Journal report said spies from Russia and China have already hacked into the grid, leaving behind traces of their activity.

In an interview with "60 Minutes" in April, Defense Secretary Robert Gates said that the U.S. is "under cyberattack virtually all the time, every day."

Beyond the AFCOM survey, other reports have also noted flaws among organizations in their approach toward cyberterrorism.

A recent report by the SANS Institute found that companies have misplaced priorities in determining where and how to shore up their defenses against cyberattacks.

AFCOM noted that over the past five years, 63 percent of all its data center members have seen a dramatic rise in the amount of information they need to store and protect. The report urges data center managers to include cyberterrorism in their disaster recovery and security plans.

To compile its report, AFCOM surveyed 436 of its member data center sites across 27 countries. Approximately 83 percent of the respondents were in the U.S., with the rest overseas. Private industry made up 84.5 percent of those surveyed, with government agencies comprising 8.1 percent, and universities 7.4 percent. The survey also included questions on green technology, cloud computing, and virtualization.