Cost of cybercrime jumped 82 per cent in six years: study

NEW YORK—Cybercrime costs are climbing for companies across the world amid a slew of high-profile breaches, according to research released Sept. 7.

A sixth-annual study by the Ponemon Institute pegged the average annual cost of cybercrime per large U.S. company at US$15.4 million. That’s up 19 per cent from $12.7 million a year ago.

It also represents an 82 per cent jump from Ponemon’s inaugural study six years ago.

Individually, cybercrime costs for the U.S. companies surveyed varied dramatically, ranging from $1.9 million to $65 million. And the average cost of a cyberattack on a U.S. company rose 22 per cent to $1.9 million from $1.5 million.

Globally, the average annualized cost of cybercrime increased 1.9 per cent from last year to $7.7 million.

“As an industry we’re getting better, but attacks are becoming much more invasive and sophisticated,” said Andrzej Kawalec, chief technology officer for Hewlett-Packard Co.’s HP Enterprise Security, which sponsored the study and sells cybersecurity services to businesses.

The study examined the total cost of responding to cybercrime incidents, including detection, recovery, investigation and incident-response management. It also looked at after-the-fact expenses designed to prevent additional costs stemming from the potential loss of business or customers.

Recent expensive and embarrassing breaches at companies including Target, Home Depot and Sony Pictures have prompted many companies to boost their cyberdefenses.

The study looked at a sample of 58 U.S. companies with at least 1,000 connections to its computer network. Globally, the study analyzed data from 252 companies in the U.S., United Kingdom, Germany, Australia, Japan, Russia and Brazil.