Brandan Blevins, Assistant Site Editor Published: 08 Oct 2013 – Search Security
Sophisticated cyberattacks are hitting enterprises more frequently and attackers are staying on networks undetected for longer periods, contributing to an increase in the average cost of cybercrime for the fourth year in a row, according to a new report.
The fourth-annual Cost of Cybercrime Study, produced by the Ponemon Institute and sponsored by Hewlett-Packard’s enterprise security unit, showed the cost enterprises pay to clean up after a cyberattack has increased 26% from 2012, and has gone up a staggering 78% since the first report was released four years ago.
The latest study analyzed information from 60 large U.S.-based organizations (and 234 in total) in various industry sectors, with the average cost per organization totaling approximately $11.56 million a year.
Instead of focusing on the total cost incurred by enterprises, the Ponemon report narrowed its scope to only include what enterprises spent while responding to cybercrime incidents, including detection, investigation, recovery and incident management.
Larry Ponemon, founder and chairman of the Ponemon Institute, noted that the report doesn’t take into account, as an example, what costs a company would incur if its “crown jewel” of data was stolen — either because a dollar value would be impossible to calculate, or because an organization typically overestimates the value of its own data. Even without these costs included, the report showed the cost range spanning all the way from the low of $1.3 million to the high of $58 million, a number Ponemon said even the largest organizations would notice.