Threat Management, Threat Management

Targeted attacks cost companies an average of $200k

The result of not bulking up information security efforts could cost companies more than $200,000, a study reveals.

Independently conducted by the Ponemon Institute, the "Impact of Cybercrime on Businesses" survey states that targeted attacks cost enterprises an average of $214,000. The expenses are associated with “forensic investigation, investments in technology and brand recovery costs.”

The report polled 2,618 C-level executive and IT security personnel from the United States, United Kingdom, Germany, Hong Kong and Brazil. Its purpose was to identify commonalities among the countries relating to security.

While the average cost of one successful attack for U.S. companies has an extrapolated value of $276,671, Germany came in with the highest estimated cost for an average cyber attack at $298,359, the study found.

Even as hacktivism continues to make headlines, Scott Emo, head of endpoint product marketing at Check Point Software Technologies, which commissioned the survey, said the findings still indicate it is all about financial gain for saboteurs.

“The main motivation for cyber crime is still good old-fashioned thievery.”

– Scott Emo, head of endpoint product marketing at Check Point

According to 65 percent of respondents, financial fraud is believed to be the primary motive for targeted threats, followed by customer data theft and disruption of business operations, which could lead to monetary gain for the attackers.

“The main motivation for cyber crime is still good old-fashioned thievery,” Emo said on a phone call Friday with SCMagazine.com. “They're after the money.”

Additionally, the report stated that a majority of companies are concerned with the use of personal mobile devices in the workplace , including smartphones and tablets. Each country involved in the survey revealed bring-your-own-device to be the most worrisome threat vector.

Although the security landscape is continuously evolving, 64 percent of respondents said their companies currently have training and awareness programs in place to aid in preventing attacks. The level of concern expressed by C-level executives have caused companies to implement security precautions and technology to diminish risks associated with targeted attacks, Larry Ponemon, chairman and founder of the Ponemon Institute, said in a statement released by Check Point.

“While the types of threats and level of concern companies have may vary across regions, the good news is that security awareness is rising,” Ponemon said.

Of the security participants surveyed, various industries were represented, but financial services, retail, health and pharmaceuticals, and the public sector contributed half of the results.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.