An "Average" Cyber Crime Costs a U.S. Company $15.4 Million
The cost of cyber crime is skyrocketing.
A new study shows a cyber crime incident in the United States costs a company an average of $15.4 million, an increase of 19%.
Cyber crimes in the United States are much costlier on an average basis than any other country surveyed. In fact, the average cost of a cyber crime incident throughout the world is $7.7 million. Germany had the second highest average, with Japan third.
Not only are the costs rising, the number of successful attacks have also increased 46% in the past four years. In 2012, companies faced 68 security breaches. In 2015, that number has climbed to 99 breaches.
For consumers, one of the most troubling statistics is that it can take up to 46 days for companies to resolve security incidents. This is up from 14 days in 2010 and represents a 229% increase.
The study was conducted by the Ponemon Institute and Hewlett Packard Enterprise Security. It examined 252 companies in seven countries. The study found the most expensive types of attacks include:
- Malicious insiders: $145,000
- Denial of service: $127,000
- Web-based attacks: $96,000
- Phishing: $86,000
- Malicious code: $82,000
The study offered advice on how companies can reduce losses and save money. They include:
- Data encryption and protection that will reduce vulnerabilities.
- Security Information and Event Management (SIEM), which can shorten the amount of time it takes to detect and resolve attacks.
- Security governance that includes more executive commitment, more expertise, and better processes.
- An intrusion prevention system and next-generaton firewalls.
Combined, these changes can save companies up to $1.9 million annually.