The recently published “2013 Cost of Cyber Crime Study” conducted by the Ponemon Institute and sponsored by HP reveals that the cost of cybercrime has risen approximately 26% since 2012, despite the prediction by Larry Ponemon that it would level off.
Are there lessons we can learn from this? You bet.
The main lesson: preparation is the key!
When I was in military school, we had many sayings and phrases we had to memorize and repeat. The one that has stuck with me for more than thirty years is: “Never ready; always prepared!” Simply put, you can never be ready for everything, but you can be prepared for anything.
Businesses that prepare for a breach with the assumption that one day it will occur fare much better than those that don’t. They detect more quickly, recover more quickly, and spend much less money doing so. They also typically walk away with their reputation intact with very little to no news coverage.
Howard Anderson from BankInfoSecurity stated in his article in October, “The [Cyber Crime Study] shows that organizations with good security governance practices generally have lower costs.”
There are a few points that jump out when reading the results of the study. Michael Kerner of eWeek reported that higher cybercrime costs are due to the complexity of attacks, the fact that they are more stealthy and harder to detect, and the fact that attack frequency is up significantly: 122 attacks on companies a week, compared to 102 in 2012.
In HP’s press release regarding the study, they revealed that theft of information is the most costly external factor and recovery and detection are the most costly internal activities.
The good news is that according to the report, intelligence-driven security tools and techniques provide a very good return on investment (ROI). As reported by eWeek, “[T]he study found that the ROI was 21 percent for organizations that use security intelligence tools.”
For more information on intelligence-based security and the cyber kill chain, take a look at my white paper entitled “Actively Defending Across the Cyber Kill Chain.” You will learn how understanding the enemy and utilizing intelligence-based security can help you detect attacks early on.
Anyone who has paid attention to security news is very familiar with the increase in cyber attacks and the fact they are becoming more sophisticated and prevalent. Preparation and vigilance are key. As I stated in my white paper mentioned above, companies can no longer afford to approach security with the “set and forget” attitude.
The two most costly aspects for companies are, externally, the loss of information and, internally, the detection and clean up.
If the company jewels are well protected, external attacks should be reduced, minimizing the loss of information. The fact is most companies do not encrypt data and usually do not seek to control data once it is off the network, say, for instance, on an employee’s mobile device. Lock it down.
With regard to internal detection and clean up, refer back to the “set and forget “attitude above. Consider intelligence-driven security, ensure your company has implemented a good incident response/business continuity-disaster recovery plan, and prepare, prepare, prepare. Remember: Never ready; always prepared!
Related Courses
Foundstone Forensics & Incident Response
CISM Prep Course
SCYBER – Securing Cisco Networks with Threat Detection and Analysis
Security+ Prep Course (SYO-301)