Cyber attacks are a reality for all organizations. In this year’s cost of cyber crime research we focus on the importance of thriving and innovating while simultaneously reducing the financial and reputational consequences of a cyber attack. An important finding of this research is that a high security profile, as determined by the deployment of specific practices and technologies, will support business innovation and reduce the cost of cyber crime.
Global Study at a Glance
- 237 companies in 6 countries
- 1,278 interviews with company personnel
- 465 total attacks used to measure total cost $9.5 million average annualized cost
- 21 percent net increase in the total cost over the past year
For purposes of this study, we define cyber attacks as criminal activity conducted via the Internet. These attacks can include stealing an organization’s intellectual property, confiscating online bank accounts, creating and distributing viruses on other computers, posting confidential business information on the Internet and disrupting a country’s critical national infrastructure.
The goal of this study is to provide guidance to security professionals on how to focus their finite security resources on those solutions that most effectively protect organizations as they innovate and change. We do this by comparing the business innovations of companies participating in the research to the usage of specific security practices and technologies. Examples of innovation we include in this report are: taking on a new supplier or business partner, launching a significant new customer-facing application or reorganizing the company to achieve greater efficiencies.
Nine characteristics of innovative and cyber secure organizations.
Findings reveal the following characteristics of organizations that both innovate their operations to meet business objectives and minimize the financial and reputational consequences of a cyber crime.
- Security posture : Overall, these organizations, prior to engaging in new business opportunities and changes in operations, assess potential security risks in order to improve their security posture. This includes the persistent use of security technologies such as advanced access management systems, extensive deployment of encryption technologies and enterprise deployment of GRC tools.
- Information management : Information loss is now the biggest financial impact of a cyber attack. Consequently, organizations with advanced backup and recovery were able to reduce the impact and ensure business continuity and data protection.
- Information governance : These companies deploy advanced procedures for backup and recovery operations, share threat intelligence, collaborate with industry partners on security issues and integrate security operations with enterprise risk management activities.
- Data protection : These organizations make investing in technologies and processes that reduce information loss a priority because they understand it is the most costly cyber attack to remediate. They are also shifting budget to the application and data layers rather than the network layers, to fortify the areas most vulnerable to information loss.
- Application security : Prior to the launch of customer-facing applications, these organizations do not rush to release. They ensure the necessary security is built into the applications and vulnerabilities are addressed. These companies use several application security controls such as penetration testing, security patch management and dynamic and static scanning.
- Detection and recovery : To reduce the time to determine the root cause of the attack and control the costs associated with a lengthy time to detect and contain the attack, these organizations are increasing their investment in technologies to help facilitate the detection process.
- Third-party risk : These organizations are able to reduce the risk of taking on a significant new supplier or partner by conducting thorough audits and assessments of the third party’s data protection practices.
- Insider threat : A possible negative consequence of reorganization or acquisition of a new company can be disgruntled or negligent employees. These organizations ensure processes and technologies are in place to manage end user access to sensitive information. Further, there are training and awareness programs in place to address risks to sensitive data caused by changes in organizational structure and new communication channels.
- SIEM : These companies deploy advanced security information and event management (SIEM) with features such as the ability to monitor and correlate events in real-time to detect critical threats and detect unknown threats through user behavior analytics.
YOU CAN FIND MORE DETAILS IN THE LINK : https://www.ponemon.org/local/upload/file/2016%20HPE%20CCC%20GLOBAL%20REPORT%20FINAL%203.pdf