Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Web attacks, malware and insider threats can cost organisations millions of dollars in losses each year, according to a Ponemon Institute study. The survey of 45 US companies found that cybercrime costs organisations US$3.8 million per year on average. IT security practitioners at each of the participating entities were interviewed as part of the study, which found that the cost of cybercrime ranged from US$1 million to US$52 million per year per company. Larry Ponemon, chairman and founder of the Ponemon Institute, told SCMagazineUS.com that some of the organisations studied were surprised at the total economic impact of digital offenses. “Basically, the number one takeaway is that cybercrime is very costly,” Ponemon said. The analysis attempted to capture the direct and indirect costs of cybercrime, including information theft or loss, business disruption and property destruction – all of which constitute “external” costs. In addition, the cost of “internal” cybercrime mitigation activities, including detection, investigation, containment, recovery and post-incident response, were quantified. Cybercrime detection and recovery were the most costly internal activities, while information loss was the most expensive external cost, the study found. Companies included in the study fell victim to 50 attacks per week, or the equivalent of more than one successful attack per company each week. More than 90 percent of all cybercrime costs resulted from web-based attacks, malicious code and malicious insiders. Organisations that were analyzed took 14 days on average to resolve cyberattacks, with the average cost per day totaling US$17,696, according to the study. Malicious insider attacks, however, took up to 42 days or more to resolve. “Every organization should be concerned about cyberattacks and how much it will cost to manage and contain them,” Tom Reilly, president and CEO of ArcSight, said in a statement. On a more positive note, the study found that organisations are able to reduce the financial impact of cybercrime with a strong security posture.Appointing a CISO, deploying an enterprise security strategy, and investing in technologies that address sophisticated threats and manage security events could reduce the impact and cost of cyberattack, Ponemon said. See original article on scmagazineus.com
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.