The cost of fighting online hack attacks has rocketed by nearly 70% in the last year, with the average cost per attack being £254,000, while the number of assaults has also risen by nearly 50%.
HP’s second “annual cost of cyber crime study”, carried out by the Ponemon Institute, found that typically organisations experience 72 successful attacks a week, up from 50 last year. Of these the majority are harmless, but the most expensive breach reported among the companies surveyed was £22m.
The research covered malware, denial of service, stolen devices and Web-based attacks and found that the average time to fix a successful breach had risen from 14 days to 18. However, insider attacks were the hardest to lock down, typically taking 45 days to resolve.
“The type of organisation makes a great deal of difference, with defence, energy/utilities, and financial services firms incurring the highest costs independent of their size,” said Ryan Kalember, director of products at HP. “However, the study found that the organisations with more mature security programmes incurred lower overall costs, despite their size and appeal as a target.”
The biggest costs come in recovery and detection by companies, accounting for 45 per cent of the final figure. But network downtime was also a significant cost and there were more intangible damages.
“Reputation loss is not measured in our activity-based costing framework. Frankly, this is a difficult concept to measure empirically,” said Larry Ponemon, chairman of the Ponemon Institute. “But we acknowledge it could represent among the most significant costs for certain organisations – such as the recent security breach at Sony.”
Related stories
Hacker exposes Sun reader data
Bet24 admits breach – 2 years on
Ten tips to prevent a data breach…
Sony refuses to take blame for hack