430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|
Advertisement

Ad Placeholder

Full Width × 90

Cyber Crime

Cost of cybercrime continues to increase for US companies

The Ponemon Institute as published its fifth report on the cost of cybercrime which provides interesting data on impact on the US companies. Which is the cost of cybercrime suffered by US companies? The fifth annual report published by the Ponemon Institute and titled “2014 Global Report on the Cost of Cyber Crime” reveals that cyber […]

Cost of cybercrime continues to increase for US companies

The Ponemon Institute as published its fifth report on the cost of cybercrime which provides interesting data on impact on the US companies.

Which is the cost of cybercrime suffered by US companies? The fifth annual report published by the Ponemon Institute and titled “2014 Global Report on the Cost of Cyber Crime” reveals that cyber attacks against large US companies (the Ponemon Institute focused on companies having more that 1,000 employees) result in an average of $12.7 million in annual damages.

cost of cybercrime Ponemon Institute 2014

The report, sponsored this year by Hewlett Packard’s Enterprise Security division, confirmed an increase of 9.7 percent from the previous year, the research has discovered that the economic losses are mainly related to business disruption and data breaches information loss account for nearly three-quarters of the cost of cybercrime incidents.

The sectors that suffers the higher cost of cybercrime according to the Ponemon Institute are energy and utility companies and the financial industry, the number of the attacks against both industries is increasing at a worrying trend.

The security posture of companies is significant in the evaluation of the cost of cybercrime they suffer, as explained in the report organizations that invest in security result lower costs associated with security incidents. Analyzing the economic benefit for the adoption of an efficient security policy, the expert at the Ponemon Institute observed a reduction of cost of cybercrime by an average of $2.6 million.

“Business disruption, information loss and the time it takes to detect a breach collectively represented the highest cost to organizations experiencing a breach,” Larry Ponemon, chairman and founder of the Ponemon Institute, said in a statement.

An alarming data published in the report is the average company took detect a cyber attack against its systems, 170 days to detect an attack and 31 days on average to apply necessary mitigation actions. The most dangerous attacks are related to the activity of insiders, these attacks are more difficult to be detected and took about two months to resolve.

cost of cybercrime Ponemon Institute 2014 3

As explained in the Ponemon Institute, the cost of cybercrime depends on the size of the victims, the largest firms had greater cost of cybercrime, meanwhile smaller firms had higher damages per employee ($1,601 per worker).

Web-based attacks are most expensive incidents for smaller companies, followed by malware based attacks and denial-of-service attacks, meanwhile large enterprises mainly suffers denial-of-service attacks.

cost of cybercrime Ponemon Institute 2014 2

I consider very difficult to evaluate the overall cost of cybercrime for a company, the data proposed could give us an idea of the trends on the topic, but in my opinion probably the real cost for companies is significantly higher.

Anyway I suggest you the reading of this interesting report.

Pierluigi Paganini

(Security Affairs – cost of cybercrime, Ponemon Institute)