It costs money to defend against cyber attacks. You have to invest in the hardware and software necessary to detect and block threats, and you have to dedicate resources to develop, implement, and enforce solid security policies. It can be a pain, and it is something that many organizations do with reluctance or under duress.
Do you know what costs more, and is an even bigger pain in the ass? Getting compromised and cleaning up after a cyber attack impacts your organization. I wrote a blog post about the costs of cyber crime:
It’s not a surprise that cyber crime is costly for organizations. The cost of any lost productivity, combined with the fallout of any compromised data, the impact to the organization’s reputation, and the cost to clean up and recover from an attack all add up.
The 2014 Ponemon Cost of Cyber Crime study, sponsored by HP, is the fifth annual report on the costs associated with cyber crime. The findings this year show that cyber crime is becoming more costly each year, and that it is taking longer for organizations to recover from cyber attacks.
The cost of cyber crime ranged from $1.6 million to $61 million—with an annualized average of $12.7 million. That is nearly 10 percent higher than the average cost in 2013.
One of the most concerning findings of the study, though, is the amount of time involved in detecting and resolving an attack. The average time it takes to detect a malicious cyber crime attack is 170 days. Some types of attack—specifically attacks involving malicious insiders with authorized access to the network—take 259 days on average to detect. The average time to clean up after an attack is discovered is 45 days. That means it is taking more than seven months on average for organizations to realize they’ve been attacked, and fully recover.
Read the full article at CSOOnline: Your business can’t afford the cost of cyber crime.