Cost of cybercrime up 56%, HP says

August 2, 2011
Cyber Security, FedCyber Wire
No Comment

via ZDnet

Hewlett Packard on Tuesday released a new report concluding that the cost incurred by rampant cybercrime was up 56 percent year over year.

“Cyberattacks increasingly plague businesses and government organizations, resulting in significant financial impact, despite widespread awareness,” the company says.

In its second annual “Cost of Cyber Crimestudy – which was conducted by the Ponemon Institute¬†– researchers found that recovery and detection are the most costly internal activities.

Over a four-week period, the organizations surveyed by Ponemon experienced 72 successful cyberattacks per week, a 45 percent increase from from last year.

More than 90 percent of all cybercrime costs were caused by four tactics:

  1. malicious code
  2. denial of service
  3. stolen devices
  4. web-based attacks

“Instances of cybercrime have continued to increase in both frequency and sophistication,” HP Enterprise Security’s Tom Reilly said in a statement, “With the potential impact to an organization’s financial health becoming more substantial.”

Using a benchmark sample of organizations, the median annualized cost of cybercrime was $5.9 million per year. The range stretched from $1.5 million to $36.5 million each year, per organization.

More points from the study:

  • The average time to resolve a cyberattack is 18 days, with an average cost of about $416,000. That’s a 70 percent increase from the figure in last year’s study.
  • Malicious insider attacks can take more than 45 days to contain.
  • Organizations that deployed security information and event management solutions saw a cost savings of about 25 percent, mostly from slowing down the extent of the destruction.
Original article here.