Average cost of US cyber crime rises to $12.7 million in 2014

If you’re a worker in the US, then say goodbye to your Christmas bonus this year (and possibly for the years to come).

A study by the Ponemon Institute has found that the average cost of a cyber crime in the US has reached $12.7 million, a $1.2 million increase since last year.

It has also been found that since 2010 the cost of attacks has risen by 95%. Malicious insiders have taken the lead in regards to biggest costs:

costperincidents

Focus on security

At first glance, the increase in cost and number of attacks suggest that organizations aren’t focusing their efforts on security. However, Dr Larry Ponemon, chairman and founder of the Ponemon Institute, said that these findings tell a different story.

“With organizations now placing a larger focus on their security following the high frequency of large-scale breaches this year, cyber criminals are now getting more creative in how they attack systems,” he said. “As a result of these sophisticated attacks, it now requires more time, energy, and money to locate such attacks and to put a stop to them.”

Time to discover

This year, there have been several high-profile breaches which have taken a less than acceptable amount of time to discover, counter and publicize. These delays come with a price:

lengthofdetection

What do experts recommend?

Without being an expert myself, I spoke to Alan Calder, founder and executive chairman of IT Governance, who said, “The cyber threat environment is constantly changing and we must all take action to respond to these changes. Dealing with information security from a proactive point of view will ensure organizations can continue to thrive even in an environment marked by increasing cyber crime. Tested and proven international frameworks like ISO27001 are the way forward.”

ISO27001 up-take has been increasing year on year, which comes as no surprise. “The increase in ISO27001 certificates is not surprising. More and more companies have come to realize the benefits of implementing an ISO27001-accredited information security management system, both in terms of improving security and gaining a competitive advantage,” said Calder.

To learn more about ISO27001 and how it can help your organization survive, I recommend that you download some of our highly regarded free ISO27001 Green Papers.

ISO27001GP

Leave a Reply

Your email address will not be published. Required fields are marked *