Cybercrime costs American companies a median loss of $3.8 million a year, according to a study released Monday by security firm ArcSight and the Ponemon Institute, a privacy research organization.
The study was based on interviews with data protection and IT practitioners from 45 U.S. organizations from various sectors, who shared details about the volume of threats they face every day. Over a four-week period, these companies experienced 50 successful attacks per week. That's more than one successful attack per organization per week.
Losses to cybercrime ranged from $1 million on the lower end to as much as $52 million, the report said.
"Cybercrime is common, intrusive and can have a significant impact on an organization's bottom line," the report said.
Cybercrime threats to corporations include intellectual property theft, bank account compromises, virus distribution, confidential information leaks onto the Internet and disruptions to the country's critical infrastructure.
According to the study, responding to Web attacks, exploits through malicious code and malicious insiders accounted for 90 percent of all cybercrime costs per organization per year. Those costs mostly came from detection and recovery internal activities, which accounted for 46 percent of annual response expenses.
For example, malicious insider attacks took up to 42 days or more to resolve, with the average cost to an organization of nearly $18,000 per day, the report said.
(C) San Francisco Chronicle 2010
Subscribe to:
Post Comments (Atom)
.gif)
No comments:
Post a Comment