Transforming IT
Showing results for 
Search instead for 
Do you mean 

Investing Against Cyber Crime

on ‎12-13-2013 11:16 AM

Incidents of cyber crime are increasing worldwide, and the financial cost of cyber crime is increasing as well.  For many IT organizations these days, it’s not a matter of IF it will happen but WHEN, and HOW MUCH it will cost…

 

Traditionally, security has been regarded more as an expense that hopefully might pay for itself at some point, rather than as a true investment in information technology requiring careful scrutiny of returns (see my post Measuring the Return on Security Investment). However, security (just like risk management) is receiving more attention these days as cyber crime is becoming more and more pervasive.   

 

I’ve been reading the HP-sponsored 2013 Fourth Annual Cost of Cyber Crime Study conducted by the Ponemon Institute. It has some eye-opening info.

 

Who’s at risk?

 

The study defines cyber crime as criminal activity conducted via the Internet; it can include a host of activities, including stealing intellectual property, posting confidential information, and creating and distributing viruses on other computers.  While most all companies are at risk of cyber crime, organizations in the financial services, defense and utility industries are at greater risk than those in other sectors. The most costly cyber crimes are those caused by denial of service, malicious code and web-based attacks, which account for 55% of all annual cyber crime costs. 

 

The financial impact

 

The average annualized cost of an act of cyber crime in the US is $11.6 million, up 26% from 2012. Both public and private businesses are subject to attacks, with an average cost of $32K per day. The average time to resolve a cyber attack is 32 days, with an average cost of around $1 million. Direct and indirect costs can result from the following: loss of information, including intellectual property or customer information; business disruption, including downtime or unplanned outages; equipment damage; and revenue loss due to delays or shutdowns. 

 

What can be done?

 

The study’s findings show that companies that invest in security intelligence technologies realize a lower annualized cost of cyber crime. Such technologies include Security Information and Event Management (SIEM), Intrusion Detection and Prevention systems (IPS), Network Intelligence Systems and Big Data analytics. Deploying security intelligence systems resulted in an average cost savings of $4 million, and investments in these systems produced a substantially higher ROI, at 21%, than all other technology categories examined in the study.

 

If you want to learn more about how to protect your enterprise from cyber crime, a good place to start is our HP enterprise security software and solutions.

 

At HP Discover 2013 in Barcelona, we announced an expanded cloud portfolio with new solutions and services that offer enterprises improved security for their hybrid environments. Read about our latest cloud innovations here.

 

A related post by Lois Boliek: Security, Front and Center: 3 Tips for Your IT Transformation

0 Kudos
About the Author

Labels
Events
Aug 29 - Sep 1
Boston, MA
HPE Big Data Conference 2016
Attend HPE’s Big Data Conference on August 29 - September 1, 2016 to learn from peers in every industry and hear from Big Data experts and thought lea...
Read more
Sep 13-16
National Harbor, MD
HPE Protect 2016
Protect 2016 is our annual conference on September 13 - 16, 2016, and is the place to meet the world’s top information security talent, discuss new pr...
Read more
View all