Executive Briefings

Time to Detect, Resolve Cyber Attacks Reportedly Averages Seven Months

It’s not a surprise that cyber crime is costly for organizations. The cost of any lost productivity, combined with the fallout of any compromised data, the impact to the organization's reputation, and the cost to clean up and recover from an attack all add up. Not to mention the cost of the time lost.

The 2014 Ponemon Cost of Cyber Crime study, sponsored by HP, is the fifth annual report on the costs associated with cyber crime. The findings this year show that cyber crime is becoming more costly each year, and that it is taking longer for organizations to recover from cyber attacks.

The cost of cyber crime ranged from $1.6m to $61m—with an annualized average of $12.7m. That is nearly 10 percent higher than the average cost in 2013.

One of the most concerning findings of the study, though, is the amount of time involved in detecting and resolving an attack. The average time it takes to detect a malicious cyber crime attack is 170 days. Some types of attack—specifically attacks involving malicious insiders with authorized access to the network—take 259 days on average to detect. The average time to clean up after an attack is discovered is 45 days. That means it is taking more than seven months on average for organizations to realize they’ve been attacked, and fully recover.

Read Full Article

The 2014 Ponemon Cost of Cyber Crime study, sponsored by HP, is the fifth annual report on the costs associated with cyber crime. The findings this year show that cyber crime is becoming more costly each year, and that it is taking longer for organizations to recover from cyber attacks.

The cost of cyber crime ranged from $1.6m to $61m—with an annualized average of $12.7m. That is nearly 10 percent higher than the average cost in 2013.

One of the most concerning findings of the study, though, is the amount of time involved in detecting and resolving an attack. The average time it takes to detect a malicious cyber crime attack is 170 days. Some types of attack—specifically attacks involving malicious insiders with authorized access to the network—take 259 days on average to detect. The average time to clean up after an attack is discovered is 45 days. That means it is taking more than seven months on average for organizations to realize they’ve been attacked, and fully recover.

Read Full Article