Image Courtesy By trick77/www.flickr.com |
Warning. This blog will self destruct in 30 seconds.
How times have changed.
Just about any business has at least
one computer. And even if they don't, things like credit card
processing machines and computerized cash registers can be
compromised.
Whether you know it or not, you are
risk for cybercrime and it will cost you in the end
In July of 2009, ArcSight (A HP
company) and Ponemon Institute released its First Annual Cost of
Cyber Crime Study.
According to the study, which involved
interviews with the data protection and IT security practitioners in
45 US organizations, cyber crime is common, intrusive, and can have a
significant impact on an organization’s bottom line. Over a
four-week period, the 45 organizations surveyed in the study
experienced 50 successful attacks per week, or more than one
successful attack per organization per week. This resulted in a
median annualized cost of $3.8 million per organization per year,
with costs for the complete benchmark sample ranging from $1 million
to nearly $52 million.
“Every corporation is vulnerable to
thousands of cyber attacks that occur daily across all industries,
causing information theft, disruption to business operations and
serious financial loss,” said Dr. Larry Ponemon, founder and
chairman of the Ponemon Institute.
Additional key findings of the study
include:
- The most costly cyber crimes are those caused by web attacks, malicious code and malicious insiders, which account for more than 90% of all cyber crime costs per organization on an annual basis.
- Cyber attacks can be costly if not resolved quickly. In the sample, malicious insider attacks took up to 42 days or more to resolve, with the average cost to an organization of nearly $18,000 per day.
- Detection and recovery are the most costly internal activities. On an annualized basis, detection and recovery combined account for 46% of the total internal activity cost, with labor representing the majority of these costs.
Scary figures, but it is the world we
live (and run businesses) in today. What's a company to do? Here are a few links that can help.
-
US-CERT United States Computer Emergency Readiness Team
"US-CERT is charged with providing response support and defense against cyber attacks for the Federal Civil Executive Branch (.gov) and information sharing and collaboration with state and local government, industry and international partners." -
Cybercrime
A clearinghouse of cybercrime information and resources. There are legal and policy issues, the federal code as it relates to this subject, telephone numbers to report the different types of computer crimes, a section for children, and more. -
Federal Bureau of Investigation: Cyber Investigations
Website for this Federal Bureau of Investigation (FBI) division whose initiatives center on computer intrusions, online sexual predators and child pornography, anti-piracy and intellectual property rights, and organized crime involving Internet fraud. -
Internet Crime Complaint Center (IC3)
The "IC3's mission is to serve as a vehicle to receive, develop, and refer criminal complaints regarding the rapidly expanding arena of cyber crime." - CSO, Security and Risk
-
Threatpost
A security news site.
Thank you to Bellevue University for the links
It's no long a matter of “if”you
get attacked, but “when.” Will you (and your company) be ready?
Until Next Time...
No comments:
Post a Comment