Chinese firms unprepared for data attacks: survey

Less than a quarter of companies on the Chinese mainland and Hong Kong are adequately prepared for an information security incident, according to a survey released on Thursday.

Average financial loss through breach of security in 2013 was $1.8 million on the Chinese mainland and Hong Kong, higher than the Asia Pacific average of $1.6 million, according to PricewaterhouseCoopers (PwC).

"As the Chinese economy grows and becomes more global, individual companies will come under closer scrutiny by those seeking to exploit weaknesses," said Samuel Sinn, Risk Assurance Partner at PwC China.

The survey collected 9,600 responses from corporate executives around the world between February and April this year on questions regarding privacy and information security protection.

Nearly 3,000 incidents were detected by survey participants in the past year in the Asia-Pacific region. Seven percent of the survey's respondents are Chinese, the third largest group after the United States and Brazil.

Cyber data protection has become a critical concern in China. Consumers are switching to websites and mobile apps for a broad range of services including retail and money markets.

This raises the question of how ready China's Internet retailers are to tackle breakdowns in security. Leading companies in the sector such as Dang Dang and Yihaodian have fallen prey over the past two years, causing serious compromises to customer data.

The PwC report based on the survey does not have data for the Internet sector, but finds that while 66 percent of China's respondents say they have actively executed effective strategies to respond to security challenges, the cost of doing so for each incident is nearly as much as the losses of those least prepared to run an effective security program.

Of Chinese corporate respondents, 41 percent cited former employees as the most likely source of attacks, as compared to 27 percent globally.

"Information security is our lifeline," said Liu Zhiqiang, chief technical director of Beijing Renke Interactive Information Technology Co Ltd, a developer of cloud software which processes and synchronizes transaction information and customer data. Security, said Liu, is his top priority across all departments.

"Corporate IT systems have become more complex. Cloud technology and mobile devices have made them more fragmented," said Kenny Hui, risk assurance partner at PwC China.