Cybercrime Costs Rise Despite Awareness, HP Finds

New research from Hewlett-Packard has found that cyberattacks are increasingly plaguing businesses and government institutions, resulting in significant financial impact, despite widespread awareness.

The study found that recovery and detection are the most costly internal activities, suggesting a significant cost-reduction opportunity for organisations that are able to automate detection and recovery through enabling security technologies.

Conducted by the Ponemon Institute, the Second Annual Cost of Cyber Crime Study revealed that the median annualised cost of cybercrime incurred by a benchmark sample of organisations was $5.9 million (£3.6m) per year, with a range of $1.5 million (£915,000) to $36.5 million (£22.5m) each year per organisation.

Financial Impact

This represents an increase of 56 percent from the median cost reported in the inaugural study published in July 2010.

“Instances of cybercrime have continued to increase in both frequency and sophistication, with the potential impact to an organisation’s financial health becoming more substantial,” said Tom Reilly, vice president and general manager of HP’s enterprise security, division. “Organisations in the most targeted industries are reducing the impact by leveraging security and risk management technologies, which is grounds for optimism in what continues to be a fierce fight against cybercrime.”

The report found cyberattacks have become common occurrences. Over a four-week period, the organisations surveyed experienced 72 successful attacks per week, an increase of nearly 45 percent from last year. More than 90 percent of all cybercrime costs were caused by malicious code, denial of service, stolen devices and web-based attacks.

Cyberattacks can be costly if not resolved quickly. The average time to resolve a cyberattack is 18 days, with an average cost to participating organisations of nearly $416,000 (£253,697). This represents a nearly 70 percent increase from the estimated cost of $250,000 (£152,462) over a 14-day resolution period in last year’s study. Results also showed that malicious insider attacks could take more than 45 days to contain.

Best Defence

The report also indicated deploying advanced security intelligence and risk management solutions can mitigate the impact of cyberattacks.

Organisations that had deployed security information and event management (SIEM) solutions realised a cost savings of nearly 25 percent, resulting from the enhanced ability to quickly detect and contain cybercrimes. As a result, these organisations experienced a substantially lower cost of recovery, detection and containment than organisations that had not deployed SIEM solutions.

“As the sophistication and frequency of cyberattacks increases, so too will the economic consequences,” said Dr. Larry Ponemon, chairman and founder, Ponemon Institute. “Figuring out how much to invest in security starts with understanding the real cost of cybercrime.”

Nathan Eddy

Nathan Eddy is a contributor to eWeek and TechWeekEurope, covering cloud and BYOD

Recent Posts

Virgin Media O2 To Invest £700m To ‘Transform’ 4G, 5G Network

Virgin Media O2 confirms it will invest £2m a day for new mobile masts, small…

2 days ago

Tesla Cybertruck Deliveries On Hold Due To Faulty Side Trim

Deliveries of Telsa's 'bulletproof' Cybertruck are reportedly on hold, amid user complaints side trims are…

2 days ago

Apple Plots Live Translation Option For AirPods – Report

New feature reportedly being developed by Apple for iOS 19, that will allow AirPods to…

2 days ago

Binance Token Rises After Trump Stake Report

Binance BNB token rises after WSJ report the Trump family is in talks to secure…

3 days ago

iRobot Admits ‘Substantial Doubt’ Over Continued Operation

After failed Amazon deal, iRobot warns there is “substantial doubt about the Company's ability to…

3 days ago

Meta’s Community Notes To Use X’s Algorithm

Community Notes testing across Facebook, Instagram and Threads to begin next week in US, using…

3 days ago