The Second Annual Cost of Cyber Crime Study by the Ponemon Institute makes plain that cyber attacks are not going away and are financially painful for victim companies. Indeed, the median annualized cost of cyber crime for a company is $5.9 million, with a range of between $1.5 million $36.5 million per company. This represents a 56% increase from the 2010 median cost.
It is no wonder that cyber crime comes with a serious price tag for victim companies, as cyber attacks occur on a frequent basis. During just a four-week period, the companies that were part of the study suffered 72 successful attacks per week – a 45% increase from 2010. The vast majority of the attacks consisted of malicious code, denial of service, web-based attacks and stolen devices.
Detection and recovery are the most expensive aspects of internal cyber crime costs, according to the study. This suggests significant cost reduction potential for companies that are able to implement security technology that automates detection and recovery.
Interestingly, the average time to resolve a cyber attack is 18 days, according to the study. Time equals money, because attacks that are resolved earlier are far less costly. And some malicious insider attacks can take as long as 45 days to contain, certainly adding to the bottom line.
The study indicates that companies that deploy advanced security intelligence and risk management measures lessen the impact of cyber crime. The costs of grappling with attacks can be reduced by as much as 25% if such measures are put in place.
It appears that cyber crime is here to stay, and companies need to be smart and fast to mitigate the costs of cyber attacks.