Cybercrime fight costing companies more this year

A study says the 56 percent increase can be blamed on malicious code, denial of service attacks and stolen devices

Cybercrime cost corporations 56 percent more this year than last, according to an annual study from the Ponemon Institute and sponsored by ArcSight, an HP company.

"Cybercrimes can do serious harm to an organization's bottom line," said the study, which found that the median cost related to cybercrime to the 50 companies in the survey was $5.9 million.

Larry Ponemon, founder and chairman of the Traverse, Mich., company that bears his name, told PCWorld there have been several root causes for the bump up in the cost of cyber crime. "Sophisticated stealthy types of cyber crime are happening more frequently," he said.

When the study was done last year, he explained, more visible forms of cybercrime dominated the mix - viruses, worms, Trojans, malware and botnets. "Now we're seeing more insidious kinds of attacks like malicious code, denial of service, stolen devices, Web-based attacks and malicious insiders," he observed.

"Those are more costly to deal with," because it takes more time to clean them up, he said. Last year, when more conventional cybercrime tools dominated the landscape, it took an average of 14 days and $247,744 to clean up an attack. This year, with a jump in stealthy tactics, that average increased to 18 days, and the cost climbed to $417,748.

Stealth attacks are more difficult to clean up because they "move in quietly to position the attacker lower in the infrastructure and to be able to go after information in a longer term, strategic way," according to ArcSight Public Sector CTO Prescott Winter.

"They're more ingenious in how they launch the attack, which makes them harder to find once they launch it," Winter said.

It's also getting more difficult to defend against intruders, Ponemon noted. "Some of these intruders throw a one-two punch," he said. At the front door, there's a denial of service attack that consumes a defender's resources, he explained, but at the same time other attacks are launched on the defender's position - an insider threat, for instance, and proliferating botnet software.

"When you're getting attacked from two fronts, it's just harder to defend yourself," he said.

That's especially true for organizations who believe strong perimeter defenses alone will protect them, Winter contended. "There's no such thing as a bulletproof perimeter anymore," he said.

"It's absolutely guaranteed these days that the attacker will get in," he maintained. "So the strategy has to change from watching the outside wall to trying to figure out what's happening inside the network."

The study also discovered:

  • The cost to smaller organizations of a cybercrime incident is higher on a per capita basis than to larger organizations.
  • The number of attacks on the companies in the survey increased over last year by 44 percent, to 72 successful attacks per week.
  • Forty percent of the external costs to an organization for cybercrime were attributed to data theft, a 2 percent dip from 2010, and 28 percent to business disruption and lost productivity, a 6 percent increase from last year.
  • The biggest internal costs attributed to cybercrime were tagged to detection and recovery (45 percent).
  • The cost of cybercrime can be moderated by the use of security information and event management systems. The outlay for dealing with a cybercrime incident for firms with those systems was 24 percent lower than for those without the systems, the study noted.

Join the CSO newsletter!

Error: Please check your email address.

Tags hackersfirewallsnetwork securitysecuritylegalcybercrimearcsight

More about ArcSightetworkHewlett-Packard AustraliaHP

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by John P. Mello Jr.

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts