Cyber crime costs USA companies more than $12 million

Despite the across-the-board increase in net cost when adjusting for exchange rate changes, the higher American dollar meant that in USD the cost of attacks for companies in Germany, Japan, Australia, and Russian Federation actually decreased.

An average USA company loses more than $15-million a year because of cyber attacks.

The Ponemon Institute study says the money spent on cybercrime includes shelling out to respond to incidents and money created to prevent additional costs from losing business or customers.

It also represents an 82 percent jump from Ponemon’s inaugural study six years ago.

Denial of service, malicious insiders and web-based attacks are the most costly type of cybercrime for businesses. Small organisations suffer a significantly higher per capita cost than larger ones, the study found: £1,014 as compared with £232.

In fact, cyber crime-related costs have increased by 14 per cent in the last 12 months – the steepest cost curve yet, the research by A report by HP and Ponemon claimed. That percentage has increased by 30 points over the past six years.

Malicious insider attacks took longer to resolve, with companies in Australia requiring an average of 50 days and Japan needing 37 days.

“As organisations increasingly invest in new technologies like mobile, cloud, and the Internet of Things, the attack surface for more sophisticated adversaries continues to expand”, said Sue Barsamian, senior VP and general manager, Enterprise Security Products at HP. “To address this challenging dynamic, we must first understand the threats that pose the most risk and then prioritize the security strategies that can make a difference in minimizing the impact”. And the average cost to resolve a single attack is over $1.9 million.

In Japan, information theft represented the highest external cost, followed by the costs associated with business disruption.

These costs don’t just apply to the cash value lost, but also relate to time, which converts to significant wastage for the company. A sufficient budget can save an average of $2.8 million in attack response and management costs; employment of certified/expert security personnel can save $2.1 million; and the appointment of a high-level security leader can reduce costs by $2 million.