True financial cost of IT failures to businesses revealed in KPMG report

Posted On 11 Dec 2014

A new report by KPMG, entitled ‘The Technology Risk Radar’, tracks the major technology incidents faced by businesses and public sector bodies and reveals the cost of IT failures over the last 12 months.

Organisations are struggling to stay on top of costly technology risks. The report finds that, on average, employers had to pay an unplanned £410,000 for each technology-related problem they faced. The report also reveals that an average of 776,000 individuals have been affected, and around 4 million bank and credit card accounts compromised, by each IT failure.

Incidents caused by ‘avoidable’ problems such as software coding errors or failed IT changes accounted for over 50% of the IT incidents reported over the past year. Of these, 7.3% of reported events were the fault of human error, a figure which shows that basic investments in training are being ignored at the employers’ cost.

Further, while data loss-related incidents continued to be a major problem for all industries, a significant number of those (16%) were unintentional.

‘The Technology Risk Radar’ reveals that customer-facing organisations are quickly realising the true cost of systems failures if they’re left unchecked. For instance, a utility company faced a £10 million fine when technical glitches during the transfer to a new billing system meant customers did not receive bills for months and were then sent inaccurate payment demands or refused prompt refunds when errors were eventually acknowledged.

Detrimental to business relationships

Commenting on the findings of ‘The Technology Risk Radar’ report, Jon Dowie, partner in KPMG’s Technology Risk practice, said: “Technology is no longer a function within a business which operates largely in isolation. Rather, it’s at the heart of everything a company does. When it goes wrong, it affects an organisation’s bottom line, its relationship with customers and its wider reputation.”

Dowie added: “Investment in technology will continue to rise as businesses embrace digital and other opportunities, but this needs to be matched by investments in assessing, managing and monitoring the associated risks. At a time when even our regulators have shown themselves to be vulnerable to technology risk, absolutely no-one can afford to be complacent.”

With financial services under enormous pressure to maintain highly secure technology infrastructure, KPMG predicts IT complexity will continue to be the single biggest risk to financial services organisations in the coming year. This is closely followed by ineffective governance, risk and non-compliance with regulations. Security risks, such as cyber crime and unauthorised access, are rated fifth.

Dowie concluded: “With ever greater complexity in IT systems, not to mention the challenge of implementing IT transformational change, companies are running to stand still in managing their IT risks. The cost of failure is all too clear. It’s crucial for both public and private sector organisations to understand the risks associated with IT and how they can be managed, mitigated and avoided.”

About the Author
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications)

Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014 and as Editor of The Paper (Pro-Activ Publications' dedicated business newspaper for security professionals) in September 2015. Brian was appointed Editor of Risk Xtra at Pro-Activ Publications in May 2018.