14 DAY TRIAL // According to a new study conducted by the Ponemon Institute on behalf of HP, the cost, frequency and time to resolve cyberattacks continue to rise. This is the fourth consecutive year in which this upwards trend is recorded.
The report, 2013 Cost of Cyber Crime Study, shows that the average annualized cost of cybercrime incurred per organization was $11.56 million (€8.55 million). Compared to four years ago, this represents a 78% increase. Compared to last year, it’s a 26% increase.
In addition, it takes organizations 130% more time to resolve a cyberattack compared to four years ago. The average time to resolve an attack is 32 days.
“The threat landscape continues to evolve as cyberattacks grow in sophistication, frequency and financial impact,” said Frank Mong, vice president and general manager, solutions, enterprise security products, HP.
“For the fourth consecutive year, we have seen the cost savings that intelligent security tools and governance practices can bring to organizations, and as HP, we are committed to continuing to deliver both industry-leading solutions and research to further disrupt the threat life cycle of the adversary.”
So which attacks are the most costly? According to the study, distributed denial-of-service (DDOS) attacks, insider attacks and web-based attacks are the most costly. These types of incidents account for over 55% of cybercrime costs.
The highest external costs are represented by information theft, followed by business disruption. While information loss costs have decreased by 2% to 43% compared to last year, the external costs of business disruption or lost productivity have increased by 18% from 2012.
As far as internal activities are concerned, the most costly are recovery and detection. These activities accounted for 49% of costs, most of it representing labor and cash outlays. It’s also worth noting that the per-capita financial impact suffered by smaller organizations is higher than the one on larger companies.
Sectors such as financial services, energy, defense and utilities experience higher cybercrime costs than retail, consumer products and hospitality.
If you’re interested in learning more about the study, you can register for the webinars that will take place on October 29 and 30.