Over the past four years, cybercrime costs have climbed by an average of 78%, while the time required to recover from a breach has increased 130%.

Those findings come from the fourth annual Cost of Cyber Crime Study, conducted by Ponemon Institute and sponsored by HP. Ponemon's researchers studied 234 businesses around the world, located in the United States, Australia, France, Germany, Japan and the United Kingdom.

In the United States, the annual cybercrime cost seen by the 60 businesses studied ranged from $1.3 million to more than $58 million and averaged $11.6 million per company -- an increase of $2.6 million from 2012. Meanwhile, the average cost of cleaning up after a single successful -- and serious -- attack was $1 million.

"What we call a 'serious attack' is one that doesn't bounce off the firewall," said Larry Ponemon, chairman of the Ponemon Institute, speaking by phone. That's a reference to the fact that businesses are typically hit with numerous attempted -- or nuisance -- attacks each day. "When it slips through that first line of defense, it's something that's measurable in our model," he said.

On average, each U.S. business falls victim to two successful attacks per week. All told, the 60 U.S. businesses studied collectively logged 122 successful attacks per week, which is an increase from 102 successful attacks per week in 2012. The time required to resolve a cyberattack likewise increased from an average of 24 days in 2012 to 32 days in 2013.

"The evidence suggests that things are getting worse instead of better, despite all the resources that companies are spending on cybercrime," said Ponemon.

... Read full story on InformationWeek


Post a comment to the original version of this story on InformationWeek