Cyber Crime On The Rise And Costly – What Can You Do About It

The Ponemon Institute recently published the First Annual Cost of Cyber Crime Study. Download here.  The study was conducted by Ponemon, an independent research group with a focus on privacy and data protection, and ArcSight, a security and compliance management provider.  The study involved a benchmark cost analysis of 45 different companies ranging from 500 employees to over 100,000.                                                                             

Here are the significant points from the executive summary:

  • The median cost of cyber crimes for the 45 organizations was $3.8 million per year (ranging from $1 million to $52 million)
  • Cyber attacks are the most common occurence
  • The most costly attacks (amounting to 90% of the attacks) are web attacks, malicious code, and malicious insiders
  • The companies in the study were experiencing 50 successful attacks per week
  • Average number of days to address a cyber attack was 14 days, with insider attacks taking more than a month
  • Costs for company compliance depended greatly on the level of security programs at each company

The study defined cyber attack as any criminal activity conducted via the Internet, including theft of intellectual property, confiscating online information and accounts, distributing viruses, and disclosure of confidential information.  The study referred to some well publicized cases of cyber attack, such as TJX companies, which I posted about on this blog previously.

What should you do if you or your Connecticut business has been a victim of cyber attack? 

Although the Ponemon study involved large companies, many experts in the field suspect that small business are equally, if not more, exposed to cyber attacks.  Therefore, regardless of the size of your company, it is a good idea to have a risk management audit to determine your company’s ability to respond to a cyber attack.  Advanced planning is critical to mitigating damages from cyber attacks.



About the Author

Share Post:

More Insights from The Connecticut Business Litigation blog

Privacy Preference Center