The Ponemon Institute’s new “2014 Global Report on the Cost of Cyber Crime” is confirming what many CISOs and other network security professionals have been saying for months: data breach costs are on the rise.
The Report, which was commissioned by HP, surveyed 257 large organizations in seven countries, and analyzed more than 1,700 attacks. When the numbers were all crunched, researchers found that the average data breach takes 31 days to remediate and costs about $640,000 — which is a 23% jump from last year.
However, the $640,000 tally only represents a single data breach. Worldwide, large organizations spend an average of $7.6 million per year cleaning up after an attack, while those based in the US – which are successfully breached 122 times a year — spend an average of $12.7 million in combined detection, remediation, information loss, and business disruption costs. US-based companies also take an average of 45 days to resolve a data breach, which is about 40% longer than the 32 days it took them in 2013.
“The most surprising finding from this study was that it takes an average of 31 days to resolve a cyber attack, costing an average of $20,000 per day,” commented Larry Ponemon, the chairman and founder of the Ponemon Institute. “It is alarming to know that an unwanted adversary could invade your system, causing costly and reputation-destroying damages without you even knowing it. The ability to remain under the radar enables the adversary to invade your system even further — making it more difficult to eliminate the attack completely, and increasing overall costs.”
“Attackers only need one shot to gain access to an organization’s data, which could result in a huge financial impact for the organization as well as reputational damage,” added Ponemon. “It is critical for organizations to take preventative measures and invest in the security of their organization, as that investment could significantly decrease any financial losses that could occur from a public security breach.”
Heed Ponemon’s advice by downloading our free white paper “How to Find and Remove the Attacker that has Already Passed Through Your Traditional Defenses.” It’s a clarifying and focused overview of what your enterprise can do to avoid becoming the next major data breach victim — which could easily cost millions of dollars, and potentially inflict irreversible reputation damage.