Network Security

Study: Organizations suffer critical and costly IT incidents five times a month

On average, organizations experience a critical IT incident five times per month, with each one costing a mean of $141,628, according to a new report, based on a study conducted by research firm Quocirca on behalf of big-data company Splunk.

Of this total amount, IT department costs account for $36,326, while the remaining $105,302 is comprised of downstream costs to the business. Extrapolating these numbers over the course of a full year, these high-severity events would cost close to $8.5 million.

For the purpose of this study, Quocirca surveyed 1,000 senior IT managers in nine countries. Among these respondents, 70 percent said that a past critical incident -- such as a data breach, ransomware infection of distributed denial of service attack -- damaged their organization's reputation. And yet, 96% of survey-takers admitted that their organizations are failing to learn from previous incidents, and 80 percent said that their mean time to detect incidents can still be improved.

Based on survey responses, the mean time to repair such critical incidents is 5.81 hours, the report notes.

Of course, not every incident is critical in nature. On average, organizations are experiencing 1,200 IT incidents of varying severity per month.

Another new report, based on a study conducted by Ponemon Research on behalf of Radware, similarly reveals how IT departments can become overwhelmed responding to incidents. Of 600 surveyed CISOs, 45 percent of them revealed that they experienced a data breach in the last year, and 68 percent said they lack confidence that they can keep their corporate information safe. Moreover, only 27 of respondents who specifically work in the healthcare industry said they felt confident they could protect patients' medical records.

The study's primary focus in on web application security, including how it can be impacted by bot-driven web traffic. One on three CISOs surveyed for the study acknowledged that their organizations are unable to differentiate between good bots and bad bots, even though in some cases bots represent more than 75 percent of a company's total web traffic.

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.