Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Cost of Cyberattacks Continues to Rise: Research

The cost of cybercrime in the U.S. has jumped significantly this year, according to new research from Hewlett-Packard and the Ponemon Institute.

The cost of cybercrime in the U.S. has jumped significantly this year, according to new research from Hewlett-Packard and the Ponemon Institute.

According to the study, which covered attacks at dozens of organizations that occurred between January and August, the average annualized cost of cybercrime for U.S. organizations stands at $11.56 million – a 78 percent increase since the first study was done four years ago.

Compared to 2012, the total number of successful attacks per week across the organizations examined has jumped up to 122 per week from 102 last year. In addition, the average annualized cost of cybercrime for each organization has gone up 26 percent. The most costly cybercrimes are caused by denial-of-service, malicious-insider and web-based attacks, which together account for more than 55 percent of all cybercrime costs per organization on an annual basis, according to the study.

Information theft represented the highest external cost (43 percent), with business disruption coming in second (36 percent). When it comes to internal cost, recovery and detection come with the heaviest price tag. For the past year, recovery and detection combined accounted for 49 percent of the total internal activity cost, with cash outlays and labor representing the majority of these costs, researchers found. The average time for resolving a cyberattack in the study this year was 32 days.

Advertisement. Scroll to continue reading.

Though cybercrime cost varied by company size, smaller organizations faced a higher per capita cost than larger organizations. In addition, organizations in financial services, defense, and energy and utilities experience substantially higher cybercrime costs than those in retail, hospitality and consumer products.

“Deployment of security intelligence systems makes a difference,” according to the report. “The cost of cyber crime is moderated by the use of security intelligence systems (including SIEM). Findings suggest companies using security intelligence technologies were more efficient in detecting and containing cyber attacks. As a result, these companies enjoyed an average cost savings of nearly $4 million when compared to companies not deploying security intelligence technologies.”

In addition to the findings by Ponemon and HP, Symantec released its 2013 Norton Report Oct. 1, which showed that while the number of online adults victimized by cybercrime has decreased, the average cost per victim has gone up by 50 percent.

The study fielded responses from more than 13,000 people from 24 countries. According to the survey, the price of consumer cybercrime per victim in the U.S. is $298. The highest numbers of victims were located in Russia.

“Today’s cybercriminals are using more sophisticated attacks, such as ransomware and spear-phishing, which yield them more money per attack than ever before,” said Stephen Trilling, Chief Technology Officer at Symantec, in a statement.

*This story was updated with more information about the Symantec study.

Written By

Marketing professional with a background in journalism and a focus on IT security.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn how the LOtL threat landscape has evolved, why traditional endpoint hardening methods fall short, and how adaptive, user-aware approaches can reduce risk.

Watch Now

Join the summit to explore critical threats to public cloud infrastructure, APIs, and identity systems through discussions, case studies, and insights into emerging technologies like AI and LLMs.

Register

People on the Move

Kenna Security co-founder Ed Bellis has joined Empirical Security as Chief Executive Officer.

Robert Shaker II has joined application security firm ActiveState as Chief Product and Technology Officer.

MorganFranklin Cyber has promoted Nick Stallone and Ferdinand Hamada into newly created roles.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.