A pair of HP-sponsored research reports confirms that the cost of cybercrime is rising across the globe. But businesses are not prepared, according to an article in the latest issue of HP INFORM, the interactive e-magazine.
The Ponemon Institute Research Report: Cost of Cyber Crime found that the average annualised cost of cybercrime incurred by a benchmark sample of US organisations was $11.56 million. The results also showed that the time taken to resolve a cyber-attack has increased from 27 to 31 days, with the average cost incurred to resolve attacks standing at over $1 million, a 23% increase over last year.
Meanwhile, the corresponding Ponemon Institute Research Report: The Importance of Senior Executive Involvement in Breach Response…showed a startling 57% of CEOs have not been trained on what to do after a data breach, and more than 70% of executives think their organisation only partially understands the information risks it’s exposed to. According to the report, most senior leaders, including the CEO and board of directors, are seriously underprepared for the job. Perhaps the greatest issue in effective breach response, according to the report, is failure of communication—which 70% of executives cited as a serious barrier.
Cross-functional teams can calm the storm
While the CISO/CSO owns the internal response, it’s typically the CEO and executive leadership that set the tone for the public response. Their lack of preparedness and failure to understand the risk, combined with rising levels of cybercrime, could mean a perfect storm for enterprises in the United States and beyond.
Based on the findings of the second report, HP’s security experts recommend a cross-functional team that is comfortable working together to calm the storm—by ensuring better communication throughout the organisation. The senior team should include representatives from general counsel, internal audit, human resources, and corporate communications. They all need to work in concert to minimise damage to an organisation’s brand reputation and stock price.
Cyber defence needs a proactive approach
Art Wong, senior VP and general manager of HP Enterprise Security Services, who advocates the proactive approach to cyber defence, commented on the findings of both reports.
“Adversaries only need to be successful once to gain access to your data, while the IT department must be successful 100 per cent of the time to stop the cascade of attacks businesses face each day.” he said.
“No amount of investment can completely protect organisations from highly sophisticated cyber attacks, but how prepared an organisation is in the event of a breach can dramatically change the outcome and save a brand’s reputation.”
Download the full reports: