Transforming IT
Showing results for 
Search instead for 
Did you mean: 

Investing Against Cyber Crime

Incidents of cyber crime are increasing worldwide, and the financial cost of cyber crime is increasing as well.  For many IT organizations these days, it’s not a matter of IF it will happen but WHEN, and HOW MUCH it will cost…


Traditionally, security has been regarded more as an expense that hopefully might pay for itself at some point, rather than as a true investment in information technology requiring careful scrutiny of returns (see my post Measuring the Return on Security Investment). However, security (just like risk management) is receiving more attention these days as cyber crime is becoming more and more pervasive.   


I’ve been reading the HP-sponsored 2013 Fourth Annual Cost of Cyber Crime Study conducted by the Ponemon Institute. It has some eye-opening info.


Who’s at risk?


The study defines cyber crime as criminal activity conducted via the Internet; it can include a host of activities, including stealing intellectual property, posting confidential information, and creating and distributing viruses on other computers.  While most all companies are at risk of cyber crime, organizations in the financial services, defense and utility industries are at greater risk than those in other sectors. The most costly cyber crimes are those caused by denial of service, malicious code and web-based attacks, which account for 55% of all annual cyber crime costs. 


The financial impact


The average annualized cost of an act of cyber crime in the US is $11.6 million, up 26% from 2012. Both public and private businesses are subject to attacks, with an average cost of $32K per day. The average time to resolve a cyber attack is 32 days, with an average cost of around $1 million. Direct and indirect costs can result from the following: loss of information, including intellectual property or customer information; business disruption, including downtime or unplanned outages; equipment damage; and revenue loss due to delays or shutdowns. 


What can be done?


The study’s findings show that companies that invest in security intelligence technologies realize a lower annualized cost of cyber crime. Such technologies include Security Information and Event Management (SIEM), Intrusion Detection and Prevention systems (IPS), Network Intelligence Systems and Big Data analytics. Deploying security intelligence systems resulted in an average cost savings of $4 million, and investments in these systems produced a substantially higher ROI, at 21%, than all other technology categories examined in the study.


If you want to learn more about how to protect your enterprise from cyber crime, a good place to start is our HP enterprise security software and solutions.


At HP Discover 2013 in Barcelona, we announced an expanded cloud portfolio with new solutions and services that offer enterprises improved security for their hybrid environments. Read about our latest cloud innovations here.


A related post by Lois Boliek: Security, Front and Center: 3 Tips for Your IT Transformation

0 Kudos
About the Author

28-30 November
Madrid, Spain
Discover 2017 Madrid
Join us for Hewlett Packard Enterprise Discover 2017 Madrid, taking place 28-30 November at the Feria de Madrid Convention Center
Read more
HPE at Worldwide IT Conferences and Events -  2017
Learn about IT conferences and events  where Hewlett Packard Enterprise has a presence
Read more
View all