The Ponemon Institute, on behalf of HP, released the 2015 Cost of Cyber Crime Study, which seeks to understand which cyber attacks are most common and most costly and which defences are most effective. Central to this year’s report is an awareness of the growing attack surface for cyber criminals to exploit, brought on by mobile and the cloud.
The study looked at data from 252 companies in 7 countries. More than 2000 interviews and nearly 2000 attacks were used to measure total costs. However, the costs did not include expenditures to improve security or compliance-associated costs.
Not surprisingly, this year’s study found that the cost of cyber crime is rising. The average cost of cyber crime per company has risen to $7.7 million, up from $7.6 million last year. This is a global figure, with the US sample reporting the highest total average cost at $15 million. The greatest total annualized cost of cyber crime in 2015 was $65 million, with the lowest costing over $300,000. The number of successful cyber attacks is also increasing, up 46% over the past 4 years. Worse yet, each incident is taking longer to resolve. It now takes an average of 26 days to resolve a cyber attack incident, up from 14 days in 2010.
The report found that attacks from malicious insiders can rack up a cost of $145,000. Next in line were denial of service, web-based, phishing, social engineering, and malicious code. In order to bring these costs down, organizations must fight back with a combination of tactics, including:
Executive support for data security is now recognized as a key differentiator when it comes to setting a strong security posture. As the 2015 Cost of Cyber Crime Study notes, by pairing a strong security culture with processes, awareness, policies and technology, organizations can greatly reduce the costs associated with cyber crime.
Endpoint devices are currently responsible for expanding the attack surface for cyber crime, but with strong endpoint security from Absolute DDS, you can regain the visibility you need to assess risk and apply remote security measures, often automated. In the event of a security incident, you have the visibility you need to prove that compromised devices were properly secured (encryption status), not accessed and safely deleted.