Why Have Digital Rights Management for Documents?

• The FBI’s reported average financial loss of $2.7 million per computer crime incident CSI/FBI Computer Crime and Security Survey, 2003.
• Most of these are attacks from insiders according to the FBI who have systematically investigated these incidents.
• PriceWaterhouseCoopers have found that 50% of the most serious security breaches in enterprises are due to insiders. Information Security Breaches Survey 2002
• There is an “exponential” increase in computer related crimes and “a tightening economy, the increasing riches flowing through cyberspace and the relative ease of such crimes” are leading to huge losses by many companies and government agencies. New York Times (“Crime is Soaring in Cyberspace”) The January 27, 2003
• Intellectual property loss is costing companies $55 Billion/year. The cost per incident is about $300K.  Trends in Proprietary Information Loss; ASIS International, 2002

Of the companies in the FBI study that reported insider abuse – and 80% did – one third didn’t even know how many times their systems had been compromised. Integrity, not ability or the fear of getting caught, is all that separates a conscientious employee from a thief.” Information Week states the key point, “Data breaches are a constant threat and put companies in danger of losing their most valuable asset: customer trust,” is perhaps the greatest concern that companies should have. “The potential black eye that a company could receive is measurable in hard dollars, especially when you tally lost customer business, goodwill with customers, as well as lost future business.” “Despite growing concern over identity theft, it appears that companies aren’t doing all that they can to protect customer data.”

• “Perimeter security is not enough. . .We must become less perimeter-centric and more asset-centric,. . . Without a firm grasp of what we’re guarding, where it resides and how valuable it is, how can we hope to quantify necessary levels of protection, much less achieve them?” Network Computing “Enemies Inside the Gates” January 23, 2003 
• In addition to compliance with laws and regulations, companies are now recognizing that they must protect their information as a valuable asset. The Wall Street Journal has stated the following summary of the problem. “But now companies are starting to look for ways to keep stuff from getting out. The reason is simple: for all the damage that invading viruses can do to a system, businesses increasingly realize their greater vulnerability is already inside. It’s Alice in accounting or Bill in the call center – employees who have access to valuable trade secrets, financial data or confidential client information and who, intentionally or not, might send it to someone who isn’t authorized to receive it.” Forbes included an article titled, “The Insider, when a top employee is suspected of stealing data, things can get messy.” It states that “Insider network abuse ranks second only to viruses, according to the annual Computer Security Institute – FBI survey. Employees often keep duplicate versions of sensitive data on their PDAs, BlackBerrys and home computers.