Ponemon Institute recently released a research report entitled “2013 Cybercrime cost”. The research report consecutively sponsored by HP Company for four years estimated the economic impact caused by cybercrime. The report notes that in 2013 the economic impact caused by cybercrime increases 78% compared with that of over the past four years, in the past 4 years, the time cost to solve the problem has increased 130%. Average cost for per network attacks needs more than $ 1 million.
In 2013, the frequency of attacks and damage has increased. Based on the sample of U.S. companies and the government point of view, the loss was caused by cyber attacks every year $ 11.56 million, more than four years ago, when the beginning of the study increased by 78%.
Although the level of network defense is improving, cyber crime groups also show their strong ability of adjust and adopt in front of the continuously improving protection level of network defend.
Some important data presented in this report are summarized as follows:
1) The annual average loss of every enterprise (organization) caused by cybercrime is $ 11.56 million; the loss range is from $ 1,300,000 to $ 58,000,000, which increased $ 2.6 million than that in 2012, an increase of 26%.
2) Military, financial, energy, power industry suffered the largest loss of cyber attacks
3) The major factor of loss caused by cybercrime is data loss or data theft, which accounted for 43% of the total loss, and the loss caused by the shutdown accounted for 36%.
4) The business or organization suffered 122 successful cyber attacks every week. The figure in 2012 was 102.
5) The average time to resolve a cyber attack is 32 days; the average cost during this period was $ 1,035,000, which is about U.S. $ 30,002 thousand a day. And in 2012, the average time to solve the each network attacks was 24 days, with an average cost of $ 591,000.
6) The loss due to DoS attacks, Web attacks and damage caused by the internal staff accounted for 55% of enterprises cybercrimes.
7) For small businesses, the loss caused by network attacks of per employee is much higher than that of large enterprises.
8) For business, the costs of finding network attacks and recovery after network attacks are the highest.
The report also reveals the importance of the necessary network protection mechanisms and establishment of network security awareness. The researchers also found that the use of Security Information and Event Management (SIEM) and big data analysis can help mitigate the loss of network attacks. For enterprise and organizations, data and information may be two of most important assets, data or information loss will lead to not only financial loss but also reputational loss. Every company should establish strong awareness of data security, what’s more, the admin of company need to improve employees’ data protection awareness. For example, admin must remind employees to password protect folder stored in PC and portable storage devices.