A new global research demonstrates the need for Instant-On Enterprises to adopt a new, comprehensive approach to managing risk within today’s increasingly complex security landscape.
According to the Second Annual Cost of Cyber Crime Study, an HP-sponsored Ponemon Institute survey, cyber attacks have a significant financial impact on businesses and government organizations, despite widespread awareness.
The study indicates that the median cost of cyber crime is now $5.9 million per year, a 56 percent increase from the median cost in last year’s study. In addition, more than 90 percent of all cybercrime costs were caused by malicious code, denial of service, stolen devices and web-based attacks.
During a four-week period, organizations surveyed experienced an average of 72 successful attacks per week, an increase of nearly 45 percent from last year.
The average time to resolve a cyber attack is 18 days, with an average cost of nearly $416,000. This is an increase of approximately 70 percent from the estimated cost of $250,000 during a 14-day resolution period in last year’s study.
In addition, another study from Coleman Parkes, commissioned by HP, surveyed senior business and technology executives in Asia Pacific on their perspectives on risk, security threats and current priorities.
When asked what type of risk management is most critical to enterprises, the study revealed that financial risk was most critical to enterprises. In terms of threats representing the highest potential risk to organizations, executives agree the first is technological, with economic a close second.
The study also indicated that while executives are aware of potential security threats, they lack confidence in their organizations’ risk management practices. Specifically, only 27 percent of business and technology leaders indicated that their organizations were very well defended against security threats.
Executives surveyed also expressed that the volume and complexity of risks and threats continue to escalate. Nearly 70 percent of executives said that the complexity of risks has increased.
In addition, more than 40 percent of executives believe that security breaches within their organizations have increased during the last year, with 46 percent responding that, in the past year, they experienced a security breach by unauthorized internal access while 39 percent responded that they had experienced an external breach.
In the past 12 months, 22 percent of respondents said their organizations suffered from unwanted disclosure due to a security breach, 20 percent endured business interruption, 18 percent experienced identity and privilege abuse and 14 percent reported unsound transactions and 31 percent had to deal with compliance management issues.
Platform vulnerabilities were identified as most critical to organizations, followed by network, application and device vulnerabilities. More than 70 percent of the respondents indicated that security will be a major priority for 2012, while more than 50 percent believe that their security budget will increase in the next budget cycle.
MORE ARTICLES ON IT SECURITY