View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
October 8, 2015updated 21 Oct 2016 5:14pm

Cyber crime costs UK enterprises $6.3bn – up again

News: Highly respected report records big jump in costs since 2013 as global cybercrime costs continue to rise

By Sam

The UK lost $6.3bn in financial year 2015, up from $5.9bn last year and $4.7bn in 2013.

In its annual cyber crime report the highly respected Ponemon institute ranked the UK fourth behind the US, Germany and Japan on cyber crime costs for enterprise businesses as measured by number seats.

The Ponemon Institute global report findings include: The mean annualized cost for 252 benchmarked organizations is $7.7 million per year, with a range from $0.31 million to $65 million. Last year’s mean cost was $7.6 million, or a 1.9 percent net change after adjustment for currency differences/

Results reveal a positive relationship between organizational size (as measured by enterprise seats) and annualized cost.4 However, based on enterprise seats, we determined that small organizations incur a significantly higher per capita cost than larger organizations ($1,388 versus $431).

Activities relating to IT security in the network layer receive the highest budget allocation. In contrast, the host layer receives the lowest funding level.

Deployment of security intelligence systems makes a difference. The cost of cyber crime is moderated by the use of security intelligence systems (including SIEM). Findings suggest companies using security intelligence technologies were more efficient in detecting and containing cyber attacks. As a result, these companies enjoyed an average cost savings of $1.9m when compared to companies not deploying security intelligence technologies.

Detection is the most costly internal activity followed by recovery . On an annualized basis, detection and recovery costs combined account for 53 percent of the total internal activity cost with productivity loss and direct labor representing the majority of these costs.

Content from our partners
Green for go: Transforming trade in the UK
Manufacturers are switching to personalised customer experience amid fierce competition
How many ends in end-to-end service orchestration?

The most costly cyber crimes are those caused by malicious insiders, denial of services and web-based attacks. Mitigation of such attacks requires enabling technologies such as SIEM, intrusion prevention systems, applications security testing solutions and enterprise GRC solutions.

Results show a positive relationship between the time to contain an attack and organizational cost. Please note that resolution does
not necessarily mean that the attack has been completely stopped. For example, some attacks remain dormant and undetected (i.e., modern day attacks). The mean number of days to resolve cyber attacks is 46 with an average cost of $21,155 per day – or a total cost of $973,130 over the 46-day remediation period.

On an annualized basis, business disruption accounts for 39 percent of total external costs, which include costs associated with business process failures and lost employee productivity.

All industries fall victim to cybercrime, but to different degrees. The average annualized cost of cyber crime appears to vary by industry segment, where organizations in financial services and utilities & energy experience substantially higher cyber crime costs than organizations in healthcare, automotive and agriculture. life sciences and healthcare.

Image presents the estimated average cost of cyber crime for country samples involving 252 separate companies, with comparison to last year’s country averages.

The report was produced in partnership with HP.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.