The cost of cybercrime has risen 62% over the past five years, costing each organization some $11.7 million per year, according to a joint report from Accenture and the Ponemon Institute report released Tuesday.
The Cost of Cyber Crime Study, announced in a joint press release, was built on the survey results of some 2,182 security and IT professionals in 254 organizations globally. According to the release, the cost of cybercrime in 2016 was $9.5 million, meaning it has jumped 23% over the past year alone.
Malware takes the title for the most expensive attack per individual incident. Each malware infection that happens costs the victim $2.4 million, on average, the release said.
SEE: IT leader's guide to reducing insider security threats (Tech Pro Research)
Despite the costs associated with cybercrime, loss of information was the most damaging result of an attack, the release said. Some 43% of respondents listed it was the biggest burden in the wake of an attack.
"The foundation of a strong and effective security program is to identify and 'harden' the most-high value assets," Larry Ponemon, chairman and founder of the Ponemon Institute, said in the release. "While steady progress has been made in improving cyber defense, a better understanding of the cost of cyber crime could help businesses bridge the gap between their own vulnerabilities and the escalating creativity - and numbers - of threat actors."
Another interesting point from the report was the sheer number of breach a company experienced on average. In the release, the firms noted that a company will suffer 130 breaches per year, on average, marking a 27.4% increase from last year. "Breaches are defined as core network or enterprise system infiltrations," the release said.
The two sectors with the highest average cost of attacks were the financial services and energy sectors. Attacks on financial sector cost an average of $18.28 million per year, while attacks on the energy sector cost $17.20 million.
It's also taking longer for businesses to fix the issues caused by cyberattacks, the release said. For example, incidents that involve malicious insiders take 50 days to mitigate, on average, the release said. Ransomware attacks take 23 days.
"Keeping pace with these more sophisticated and highly motivated attacks demands that organizations adopt a dynamic, nimble security strategy that builds resilience from the inside out - versus only focusing on the perimeter - with an industry-specific approach that protects the entire value chain, end-to-end," Kelly Bissell, managing director of Accenture Security, said in the release.
Want to use this data in your next business presentation? Feel free to copy and paste these top takeaways into your next slideshow.
- On average, cybercrime costs a business $11.7 million per year, up 62% in the past five years. - Ponemon/Accenture, September 2017
- Malware is the most expensive type of cyberattack to recover from, costing businesses an average of $2.4 million per infection. - Ponemon/Accenture, September 2017
- Businesses around the world will suffer 130 breaches per year, on average. - Ponemon/Accenture, September 2017
- Information Security Management Fundamentals (TechRepublic Academy)
- Low-cost tools making cybercrime more accessible: SecureWorks (ZDNet)
- 10 ways to minimize fileless malware infections (TechRepublic)
- Cybercrime and cyberwar: A spotter's guide to the groups that are out to get you (ZDNet)
- Cybercrime industry growing rapidly, cybersecurity can't keep up (TechRepublic)
Conner Forrest has nothing to disclose. He doesn't hold investments in the technology companies he covers.
Conner Forrest is a Senior Editor for TechRepublic. He covers enterprise technology and is interested in the convergence of tech and culture.