October 8, 2015
HP has unveiled the results from its sixth annual study in partnership with the Ponemon Institute detailing the economic impact of cyber attacks across both the private and public sectors. The findings reveal a dramatic increase in the overall cost of cyber crime, while providing insight to the most costly cyber crimes and the approaches organizations can take to minimize the impact.
Conducted by the Ponemon Institute and sponsored by HP Enterprise Security, the 2015 Cost of Cyber Crime Study quantifies the annual cost of cyber crime for companies across seven countries including the U.S., U.K., Japan, Germany, Australia, Brazil and the Russian Federation.
In the U.S. study, researchers found the average annualized cost of cyber crime incurred by a benchmark sample of U.S. organizations was $15 million, representing a nearly 20% increase year over year and an 82% increase since the study’s inception six years ago. The results also revealed the average time it takes to resolve a cyber attack — 46 days — has increased by nearly 30% during this same six-year period, with the average cost incurred to resolve a single attack totaling more than $1.9 million.1
“As organizations increasingly invest in new technologies like mobile, cloud, and the Internet of Things, the attack surface for more sophisticated adversaries continues to expand,” said Sue Barsamian, senior vice president and general manager, Enterprise Security Products, HP. “To address this challenging dynamic, we must first understand the threats that pose the most risk and then prioritize the security strategies that can make a difference in minimizing the impact.”
As organizations strive to embrace new technologies while protecting their expanded environments, there is a need to shift security strategies from traditional network control and perimeter management to an advanced focus on protecting interactions among users, applications and data. The 2015 Cost of Cyber Crime Study demonstrates this shift; reporting organizations are now committing 20 percent of their security budgets to the application layer, up 33% in just two years.