The Price Tag for Cyber Crime Continues to Increase

Cyber crime is not new. And despite grappling with it now for years, the cost of cyber crime continues to increase. This has been made plain by the 2013 Cost of Cyber Crime Study by the Ponemon Institute that was sponsored by Hewlett-Packard.

What do we learn from this study? Well, for starters, the annual cost of cyber crime is a staggering $11.56 million per U.S. organization. This represents a 26 percent increase from the $8.9 million figure from last year.

Cyber Attacks More Complex, More Frequent

One might think that this cost should decrease over time as companies learn how to deal with cyber crime. However, the opposite appears to be true, as the complexity and frequency of attacks have increased. Furthermore, companies are spending more money on credentialed security personnel than in the past (which is a good thing, of course).

Notwithstanding increased costs, security intelligence tools can help to bring down the costs of dealing with cyber crime. Indeed, the study indicates that the return on investment of such tools is 21 percent.

With respect to heightened attack volume, U.S. organizations are experiencing 122 attacks weekly on average. This represents an increase from 102 average weekly attacks last year.

Longer Response Time

The time to respond to attacks also has lengthened. This year, 32 days on average go by before a cyber attack is resolved. This is an increase from 24 average days last year. Again, this may relate to the greater complexity of attacks. It also may result from companies trying to take more care in resolving attacks properly while going into further depth as to forensic analysis.

Since the beginning of time, there have been some people who are up to no good. This has been happening on the Internet in recent times. And while cyber crime likely is here to stay, companies cannot lie down and just take it. They therefore will have to do their best to maintain security, including paying the freight to get the job done as best as possible going forward.

Eric Sinrod is a partner in the San Francisco office of Duane Morris LLP, where he focuses on litigation matters of various types, including information technology and intellectual property disputes. You can read his professional biography here. To receive a weekly email link to Mr. Sinrod’s columns, please email him at with Subscribe in the Subject line. This column is prepared and published for informational purposes only and should not be construed as legal advice. The views expressed in this column are those of the author and do not necessarily reflect the views of the author’s law firm or its individual partners.

© 2009- Duane Morris LLP. Duane Morris is a registered service mark of Duane Morris LLP.

The opinions expressed on this blog are those of the author and are not to be construed as legal advice.

Proudly powered by WordPress