Cost of Cybercrime in U.S. Reaches $12.7 Million per Organization
According to the 2014 Cost of Cyber Crime Study, the average annualized cost of cybercrime has reached $12.7 million in the U.S., a 96 percent increase since the study was launched five years ago.
The study, conducted by the Ponemon Institute and sponsored by HP Enterprise Security, also found that the time it takes to resolve a cyber attack in the U.S. has increased from 32 days five years ago to 45 days days today, an increase of 33 percent.
U.S. organizations experienced a 176 percent increase in the number of cyber attacks over the past five years, with a current average of 138 successful attacks per week, up from 50 attacks per week five years ago.
“Business disruption, information loss and the time it takes to detect a breach collectively represented the highest cost to organizations experiencing a breach,” Ponemon Institute founder Dr. Larry Ponemon said in a statement.
The most costly cybercrimes in the U.S., according to the study, are caused by denial of service attacks, malicious insiders, and malicious code, which together account for more than 55 percent of all cybercrime costs per organization on an annual basis.
“Adversaries only need to be successful once to gain access to your data, while their targets must be successful every time to stop the barrage of attacks their organizations face each day,” Art Gilliland, senior vice president and general manager for Enterprise Security Products at HP, said in a statement.
According to the study, advanced security intelligence solutions such as security information and event management (SIEM) tools, intrusion prevention systems (IPS) with reputation feeds, network intelligence systems and big data analytics can help organizations detect and contain attacks, reducing the annualized cost of cybercrime.
Organizations that deployed a SIEM solution saved an average of $5.3 million per year due to their increased efficiency in detecting and containing cyber attacks, the study found.
“No amount of investment can completely protect organizations from highly sophisticated cyber attacks, but improving and prioritizing your organization’s ability to disrupt the adversary with actionable intelligence solutions such as SIEM can significantly improve attack containment and reduce the overall financial impact,” Gilliland added.
Earlier this year, a report from the Center for Strategic and International Studies (CSIS), sponsored by McAfee, found that cybercrime costs businesses more than $400 billion worldwide.
“Cybercrime is a tax on innovation and slows the pace of global innovation by reducing the rate of return to innovators and investors,” CSIS senior fellow Jim Lewis said at the time.