The Cost of Cyber Crime - Slide 2

The Second Annual Cost of Cyber Crime Study, sponsored by ArcSight, an HP company, is based on a representative sample of 50 organizations in various industry sectors. While the research focused on organizations located in the United States, many are multinational corporations. For consistency purposes, the benchmark sample consists of only larger-sized organizations (i.e., more than 700 enterprise seats).

Despite widespread awareness of the impact of cyber crime, cyber attacks continue to occur frequently and result in serious financial consequences for businesses and government institutions. Key takeaways from this report include:

• Cyber crimes can do serious harm to an organization’s bottom line. The study found that the median annualized cost of cyber crime for the organizations in the study is $5.9 million per year, with a range of $1.5 million to $36.5 million each year per company. This represents an increase in median cost of 56 percent from the first cyber cost study published last year.
• Cyber attacks have become common occurrences. The companies in the study experienced 72 successful attacks per week and more than one successful attack per company per week. This represents an increase of 44 percent from last year’s successful attack experience.
• The most costly cyber crimes are those caused by malicious code, denial of service, stolen devices and Web-based attacks. Mitigation of such attacks requires enabling technologies such as SIEM and enterprise governance, risk management and compliance (GRC) solutions.

Similar to last year, the purpose of this benchmark research is to quantify the economic impact of cyber attacks and observe cost trends over time. ArcSight believes that a better understanding of the cost of cyber crime will assist organizations in determining the appropriate amount of investment and resources needed to prevent or mitigate the devastating consequences of an attack.