In yet another argument to either boost security or start a program, one targeted attack costs an enterprise an average of $214,000, a new study shows.
Germany came in with the highest estimated cost for one successful cyber attack at $298,359 with the United States second at $276,671, according to study independently conducted by the Ponemon Institute, entitled “Impact of Cybercrime on Businesses.” The low cost for one targeted attack belonged to Brazil at $106,904; Hong Kong was at $159,244, and the UK at $229,560.
The expenses covered in an attacker for a “forensic investigation, investments in technology and brand recovery costs,” the study said.
The report polled 2,618 C-level executive and IT security personnel from the United States, United Kingdom, Germany, Hong Kong and Brazil. Its purpose was to identify commonalities among the countries relating to security.
In what may be a boost for the security industry, senior executives are looking as though they are catching on to the need for security as they are more concerned about cyber attacks and see a greater need to take steps to reduce the risk, the report said. In all organizations represented in this study, respondents who hold leadership positions are more likely than respondents in lower level IT and IT security positions to say their organizations remain concerned and have fully implements and applied security precautions, technology and training.
Meanwhile, frequency of attacks is higher in Germany and in the U.S. followed by the UK. Organizations face the challenge of dealing with multiple cyber attacks each day. The average number of security attacks against organizations per week in Germany is 82, while in the U.S. it is 79. In the UK the average is 68 per week. Hong Kong and Brazil are much lower at 54 and 47 attacks per week, respectively.
Even as hacktivism continues to make headlines, Scott Emo, head of endpoint product marketing at Check Point Software Technologies, which commissioned the survey, said the findings indicate it is all about money.
According to 65 percent of respondents, financial fraud is the primary motive for targeted threats, followed by customer data theft and disruption of business operations, which could lead to monetary gain for the attackers.
Additionally, the report said a majority of companies worry about the use of personal mobile devices in the workplace, including smartphones and tablets.
Although the security landscape is continuously evolving, 64 percent of respondents said their companies currently have training and awareness programs in place to aid in preventing attacks.
“While the types of threats and level of concern companies have may vary across regions, the good news is that security awareness is rising,” said Larry Ponemon, chairman and founder of the Ponemon Institute.