Transforming IT
Showing results for 
Search instead for 
Did you mean: 

Investing Against Cyber Crime

Incidents of cyber crime are increasing worldwide, and the financial cost of cyber crime is increasing as well.  For many IT organizations these days, it’s not a matter of IF it will happen but WHEN, and HOW MUCH it will cost…


Traditionally, security has been regarded more as an expense that hopefully might pay for itself at some point, rather than as a true investment in information technology requiring careful scrutiny of returns (see my post Measuring the Return on Security Investment). However, security (just like risk management) is receiving more attention these days as cyber crime is becoming more and more pervasive.   


I’ve been reading the HP-sponsored 2013 Fourth Annual Cost of Cyber Crime Study conducted by the Ponemon Institute. It has some eye-opening info.


Who’s at risk?


The study defines cyber crime as criminal activity conducted via the Internet; it can include a host of activities, including stealing intellectual property, posting confidential information, and creating and distributing viruses on other computers.  While most all companies are at risk of cyber crime, organizations in the financial services, defense and utility industries are at greater risk than those in other sectors. The most costly cyber crimes are those caused by denial of service, malicious code and web-based attacks, which account for 55% of all annual cyber crime costs. 


The financial impact


The average annualized cost of an act of cyber crime in the US is $11.6 million, up 26% from 2012. Both public and private businesses are subject to attacks, with an average cost of $32K per day. The average time to resolve a cyber attack is 32 days, with an average cost of around $1 million. Direct and indirect costs can result from the following: loss of information, including intellectual property or customer information; business disruption, including downtime or unplanned outages; equipment damage; and revenue loss due to delays or shutdowns. 


What can be done?


The study’s findings show that companies that invest in security intelligence technologies realize a lower annualized cost of cyber crime. Such technologies include Security Information and Event Management (SIEM), Intrusion Detection and Prevention systems (IPS), Network Intelligence Systems and Big Data analytics. Deploying security intelligence systems resulted in an average cost savings of $4 million, and investments in these systems produced a substantially higher ROI, at 21%, than all other technology categories examined in the study.


If you want to learn more about how to protect your enterprise from cyber crime, a good place to start is our HP enterprise security software and solutions.


At HP Discover 2013 in Barcelona, we announced an expanded cloud portfolio with new solutions and services that offer enterprises improved security for their hybrid environments. Read about our latest cloud innovations here.


A related post by Lois Boliek: Security, Front and Center: 3 Tips for Your IT Transformation

  • Cyber Attack
  • cyber security
  • Cyber-crime
0 Kudos
About the Author

June 6 - 8, 2017
Las Vegas, Nevada
Discover 2017 Las Vegas
Join us for HPE Discover 2017 in Las Vegas. The event will be held at the Venetian | Palazzo from June 6-8, 2017.
Read more
Each Month in 2017
Software Expert Days - 2017
Join us online to talk directly with our Software experts during online Expert Days. Find information here about past, current, and upcoming Expert Da...
Read more
View all