Ponemon Institute recently released a research report entitled “2013 Cybercrime Cost”. The sponsoring companies for four consecutive years by the HP study estimated the economic impact caused by cybercrime. The report notes that the economic impacts caused by cybercrime in 2013 increased by 78% compared with the past four years, while in the past four years, in order to solve the problem the time cost increased by 130%. Average cost paid for per network attack is over $ 1 million.
In 2013, the frequency of attacks and damage has increased. Based on the sample of U.S. companies and the government, the loss caused by the network attacks is $ 11.56 million every year, which increased by 78% compared with that of the beginning of the study four years ago.
Although the network defense level is increasingly improving, while the cyber crime groups are also showing their strong ability of adapt and adjust facing the continuously improving network defense level.
Some important data in this report are summarized as below:
1) Every enterprise (organization) loss average $ 11.56 million owing to cyber crime every year, the loss range is from $ 1,300,000 to $ 58,000,000. Compared with the average level in 2012, it increases by $ 2.6 million, an increase of 26 %.
2) The fields of military, financial, energy, power industry suffered the largest loss caused by cyber attacks.
3) Data theft is a major factor causing the loss of cybercrime, which accounted for 43% of the total loss, loss of business caused by the shutdown accounted for 36 %.
4) The business or organization suffered 122 times successful network attacks weekly. In 2012 the figure was 102 times
5) The average time to resolve a cyber attack is 32 days; the average cost during this period was $ 1,035,000, which is about U.S. $ 30,002 thousand a day. And in 2012, the average time of solving every network attack is 24 days, the average cost’s $ 591,000.
6) The loss caused by DoS attacks, Web attacks and damage caused by the internal staffs accounted for 55% of enterprises cyber attacks losses.
7) For small businesses, the loss caused by network attacks in accordance with the average figure to every employee is much higher than that of large businesses.
8) For business, finding network attacks and recovery after the attacks was the most expensive two items.
This report also revealed the importance of necessary network defense mechanism and building network security awareness. Researchers also found that adopting security information and event management and Big Data Analytics can help mitigate the loss of network attacks.
For businesses especially the small business, enhancing employees’ data and information protection awareness and company’s data security system is imperative. In order to prevent unethical staffs stealing data and information, administrators can encrypt important folders in computer. For the important files shared with some employees, admin can password protect the shared folders and assign permissions to different users.