The New Ponemon study (sponsored by HP)
Global Study at a Glance
252 companies in 7 countries
2,128 interviews with company personnel
1,928 total attacks used to measure total cost
$7.7 million is the average annualized cost
1.9 percent net increase over the past year
15 percent average ROI for 7 security technologies
Even with the HP sponsorship Ponemon is a decent arbiter of a global study like this. And it makes sense that cybercrime is up, we just don’t know how high.
most interesting :
{ Cyber crime cost varies by organizational size. Results reveal a positive relationship between organizational size (as measured by enterprise seats) and annualized cost. However, based on
enterprise seats, we determined that small organizations incur a significantly higher per capita cost than larger organizations ($1,388 versus $431). }
This study is designed to help HP sell products, but reading into some info, the small organizations actually have a higher per capita cost structure when a breach actually happened. This is due to the cost of a breach is now spread over fewer seats.
The problem is also that the cost of a breach may be high either way , for a small or large organization.
To me it all depends on what you are defending. How big your customer base is, what about your customers are you storing.
It is bad if/when you get breached, but it would be great if there wasn’t much for the criminal hacker to get. There are always costs in breaches, and finding the most visible ones is important in risk analysis.
{ The most costly cyber crimes are those caused by malicious insiders, denial of services and web-based attacks. Mitigation of such attacks requires enabling technologies such as SIEM, intrusion prevention systems, applications security testing solutions and enterprise GRC solutions. }
This might be obvious to you and I, but it is good to be able to have some proof when asking for budgets to be approved.