IT | Security

Cyber Crime Costs Millions Per Business

By: Absolute Team | 12/17/2010

Ponemon Institute and ArcSight have released a study determining the Cost of Cyber Crime. According to the report, the median annualized cost of cyber crime is $3.8 million, a hefty figure for a single organization to bear.

The study looked at 45 organizations who suffered cyber crime attacks that had costs in the range from $1 million to $52 million per year per company. These are not single-attack costs, however. In fact, these companies suffered 50 successful attacks per week overall or one successful attack per company per week.

Some interesting results from the report:

  • The most costly cyber crimes are those caused by web attacks, malicious code and malicious insiders. These account for 90% of costs.
  • The average number of days to resolve a cyber attack is 14 days
  • Malicious insider attacks take longer to resolve - up to 42 days or more
  • Cyber attacks can be costly if not resolved quickly with an average cost per day of nearly $18k
  • Detection and recovery are the most costly internal activities.
  • Detection and recovery costs from cyber attacks can be mitigated by deploying enabling technologies such as SIEM and enterprise threat and risk management (ETRM) solutions.
  • Information theft represents the highest external cost (42%), followed by the costs associated with the disruption to business operations

As with stolen or lost laptops, it is not the damage to equipment or the business disruption that leads to high costs in cyber attacks, it's the loss of information that is the true cost.