Average cost of U.S. cybercrime rises to $12.7 million in 2014

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://www.scmagazine.com/cost-of-cybercrime-continues-to-increase-this-year/article/376035/

The cost of cybercrime rose again this year, with the average cost of a
crime in the U.S. reaching $12.7 million, compared to $11.56 million
reported in 2013, according to a new Ponemon Institute study.

Although this year's “2014 Global Report on the Cost of Cyber Crime” found
that the cost of attacks has risen by 95 percent since 2010, that isn't to
say enterprises aren't focusing on security, said Dr. Larry Ponemon,
chairman and founder of the Ponemon Institute, in a Wednesday morning email
to SCMagazine.com. Instead, the findings reflect just the opposite.

“With organizations now placing a larger focus on their security following
the high frequency of large-scale breaches this year, cyber criminals are
now getting more creative in how they attack systems,” he said. “As a
result of these sophisticated attacks, it now requires more time, energy,
and money to locate such attacks and to put a stop to them.”

Through interviews with more than 2,000 participants at 257 companies in
seven countries, the researchers also found that American companies are
particular targets for malicious code attacks, which were followed closely
by denial-of-service and web-based attacks.

The year saw denial-of-service attacks reach $166,545 per incident. It was
malicious insiders that topped the list of attacks, costing enterprises
around the world about $213,542 per incident, though insiders tend to
target Japan more frequently than the other surveyed countries.The year saw
global denial-of-service attacks reach $166,545 per incident.

While attacks always incur high costs, the longer they persist, the more
companies must spend to counter them. For instance, a typical attack this
year lasted about 31 days and averaged a total cost of $639,462. Last year,
the average attack was mitigated within 27 days and cost a total of
$509,665.

Again, Ponemon attributes this to creative attackers who expend resources
to create complex, sophisticated attacks that take time to mitigate.

“It's concerning to know that an unwanted adversary can be lurking in your
system for so long, causing costly and reputation-destroying damages
without the organization even noticing,” Ponemon said. “This allows the
adversary time to invade the system even further and make it more difficult
for the organization to eliminate the attack completely.”

As the cost of cybercrime continues to rise, at least for now, Ponemon
advised organizations to dedicate funds to the proper security intelligence
tools and qualified staff.

“It is critical for organizations to invest in the security of their
organization, as that investment could significantly decrease any financial
losses that can be incurred from a public security breach,” he said.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!