For each of the past five years, the Ponemon Institute has explored the cost of cyber crime in a study sponsored by HP Enterprise Security. The 2014 study found that while the cost of cyber crime continues to rise, security intelligence technologies are helping companies detect and contain attacks.
The cost of cybercrime for an organization has escalated to $12.7 million a year, compared with $3.8 million in 2010. In addition, recovering from a data breach now takes an average of 48 days, up from 14 days in 2010. Cybercriminals are spending more money, sharing more information, and upgrading their skillsets in stealth mode.
To build agility and resilience against cyberattacks in this highly interconnected and complex threat landscape, organizations need to think like the bad guys.
The problem: Costs and incidence of attacks are high and growing.
- Average cost of cyber crime per company: 95% increase in 4 years
- Number of successful attacks per year per company: 144% increase in 4 years
- Average time to resolve incidents: 221% increase in 4 years
- Most costly kinds of attack:
- 11% Phishing and social engineering
- 12% Web-based attacks
- 23% Denial of service
- 25% Malicious code
- 29% Others
The Solution: You can fight back. Attack threats before they attack you.
Technology solutions – reduce costs by $5.3M
- Implement Security Information and Event Management (SIEM)
- Install intrusion prevention systems
- Perform application security testing
- Use governance, risk management and compliance (GRC) tools
Enterprise security governance – reduce costs by $1.7M
- Appoint security executive
- Convene security council
- Acquire security expertise
- Perform security training
- Achieve security certifications