New Research Shows Cybercrime Costs Have Increased Nearly 40 Percent

According to new research sponsored by HP, the cost and frequency of cybercrime has increased for the third straight year. The third-annual Cost of Cyber Crime Study shows the occurrence of cyberattacks has more than doubled since 2010. The cost of the attacks has increased by nearly 40 percent over the same three year period.

The study was conducted by the Ponemon Institute and sponsored by HP. The 2012 Cost of Cyber Crime Study took a look at a sample of U.S. organizations and found that the average annualized cost of cybercrime was $8.9 million. The study also shows a 42 percent increase in the number of cyberattacks. On average, organizations experienced about 102 successful attacks per week. In 2011, there were 72 attacks per week. The 2010 study showed 50 attacks per week.

While all cybercrimes can be costly, the most costly attacks are often caused by malicious code, denial of service, stolen or hijacked devices, and malevolent insiders. Together, these cybercrimes account for more than 78 percent of annual cybercrime costs per organization.

The study also found that security intelligence solutions are a key to mitigating the impact of cybercrime. In fact, organizations that deployed security information and event management (SIEM) solutions realized a cost savings of nearly $1.6 million per year and had a substantially lower cost of recovery, detection, and containment.

On average, the time needed to resolve a cyberattack is 24 days, though the study found it can take up to 50 days. The average cost incurred during the 24-day period was $591,780 compared to last year's estimated average cost of $415,748 during an 18-day average resolution period. Recovery and detection account for almost half of the internal costs associated with cybercrime.