Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

Report Details Economic Impact of Cyber Crime

ArcSight : 28 July, 2010  (Technical Article)
AecSight joins forces with the Ponemon Institute to bring a case study report on the true economic consequences of cyber crime on commercial organisations
ArcSight and the Ponemon Institute have announced the results of a benchmark study that quantifies the economic impact of cyber crime. The First Annual Cost of Cyber Crime Study was sponsored by ArcSight, independently conducted by the Ponemon Institute and designed to provide awareness around the level of investment and resources needed to prevent or mitigate the devastating consequences of a cyber attack.

Cyber crime generally refers to criminal activity conducted via the Internet. The attacks can include stealing an organization's intellectual property, confiscating online bank accounts, creating and distributing viruses on other computers, posting confidential business information on the Internet and disrupting a country's critical national infrastructure.

According to the study, which involved interviews with the data protection and IT security practitioners in 45 US organizations, cyber crime is common, intrusive, and can have a significant impact on an organization's bottom line. Over a four-week period, the 45 organizations surveyed in the study experienced 50 successful attacks per week, or more than one successful attack per organization per week. This resulted in a median annualized cost of $3.8 million per organization per year, with costs for the complete benchmark sample ranging from $1 million to nearly $52 million.

"Every corporation is vulnerable to thousands of cyber attacks that occur daily across all industries, causing information theft, disruption to business operations and serious financial loss," said Dr Larry Ponemon, founder and chairman of the Ponemon Institute. "Through actions such as the appointment of a chief information security officer (CISO), the rollout of an enterprise security strategy, and investments in technologies capable of addressing sophisticated threats and managing complex security events, companies are able to reduce the financial impact of cyber crime."

Additional key findings of the study include:

* The most costly cyber crimes are those caused by web attacks, malicious code and malicious insiders, which account for more than 90% of all cyber crime costs per organization on an annual basis.

* Cyber attacks can be costly if not resolved quickly. In the sample, malicious insider attacks took up to 42 days or more to resolve, with the average cost to an organization of nearly $18,000 per day.

* Detection and recovery are the most costly internal activities. On an annualized basis, detection and recovery combined account for 46% of the total internal activity cost, with labor representing the majority of these costs.

* Detection and recovery costs from cyber attacks can be mitigated by deploying enabling technologies such as SIEM and enterprise threat and Risk Management (ETRM) solutions. For example, participating companies that had deployed a SIEM system achieved a 24% cost savings when dealing with cyber attacks versus those that had not.

"Every organization should be concerned about cyber attacks and how much it will cost to manage and contain them. ArcSight has enabled businesses and government institutions to minimize their exposure to cyber threats with our market-leading SIEM product," said Tom Reilly, president and CEO of ArcSight. "However, cyber threats are constantly evolving and traditional signature-based perimeter security is no longer enough. We believe that delivering a comprehensive platform for Enterprise Threat and Risk Management (ETRM) will increase visibility across the enterprise and successfully mitigate exposure to the risks of modern-day cyber crime."

The First Annual Cost of Cyber Crime Study was conducted in early 2010 from a survey of 45 US organizations representing a cross section of markets. The study focused on the direct, indirect and opportunity costs that resulted from loss or theft of information, disruption to business operations, revenue loss and destruction of property. These costs included what was spent on the detection, investigation, containment, recovery and post-act response.
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo