Ponemon Institute report highlights soaring cost of cybercrime

According to the Second Annual Cost of Cybercrime report, the cost of electronic crime has increased 56% from 2010, with the increase in costs causing problems on both sides of the public/private sector divide.

The HP Arcsight-sponsored report - which took in responses from 50 organisations - found that the median annualised cost of cybercrime to organisations is now $5.9 million a year.

Larry Ponemon, the founder and chairman of the Ponemon Institute, said that the nature of the attacks seems to be more severe, leading his research team to believe that organisations are spending more on upfront costs of their forensics and detection capabilities.

Attacks, he explained, are happening in multiple places at the same time and they're happening in ways that are now harder for the organisation to detect and contain.

Delving into the research reveals that the average time an incident response team resolved a cyberattack situation was 18 days, with an average cost of more than $416,000 - a 70% increase from last year's study.

Organisations, he went on to say, reported they had resolved an attack in 14 days in last year's study, at an average cost of $250,000.

The report notes that cyberattacks can be costly if not resolved quickly and that deploying advanced security intelligence and risk management solutions can mitigate the impact of cyberattacks.

Organisations, says the study, that had deployed security information and event management (SIEM) solutions realised a cost savings of nearly 25 percent, resulting from the enhanced ability to quickly detect and contain cybercrimes.

As a result, says the report, these organisations experienced a substantially lower cost of recovery, detection and containment than organisations that had not deployed SIEM solutions.

"As the sophistication and frequency of cyberattacks increases, so too will the economic consequences", said Dr. Ponemon, adding that figuring out how much to invest in security starts with understanding the real cost of cybercrime.

What’s Hot on Infosecurity Magazine?