Attacks/Breaches
4/1/2014
07:15 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Free Tool Helps Calculate How Much A Cyberattack Will Cost Your Company

New online tool - CyberTab - launched today by The Economist Intelligence Unit

FOR IMMEDIATE RELEASE 

MARCH 31, 2014


• CyberTab is a free and anonymous calculator that helps companies tally the cost of specific cyberattacks


• EIU invites companies to join its research programme into the cost of cybercrime

The Economist Intelligence Unit has today (March 31st) launched an online tool that is designed to tally the bill from cyberattacks. Incidents of cybercrime are reported in the media almost every day, yet reliable estimates of their financial impact on companies are few and far between. CyberTab, sponsored by Booz Allen Hamilton, is designed to address this gap.

Tool users, including information-security, risk, financial and other senior executives, can input a range of expenses and estimated costs for either a specific attack scenario or actual breach. CyberTab will then generate a comprehensive report that explains the total cost and enables a cost-benefit analysis of security strategies.

The tool does not require information that would identify executives or their companies. It also does not collect data without opt-in permission and is free to use.

 

Riva Richmond, editor at The Economist Intelligence Unit, said:
“Today cyberattacks are ‘not if, but when’ for nearly all companies—and the financial fallout is severe and likely to get worse. Yet deep corporate fear about disclosure has led to a culture of secrecy that has hurt our ability to understand the size and shape of the problem we face. It also makes it harder for companies to learn from each other and devise more robust defence strategies.

 

“Executives can gain new insight into their own company’s risks by using CyberTab, and can do so anonymously and leave no trace of their data. But we want people to be part of the solution and take part in our research programme. By submitting data anonymously, they will be taking a step towards a broader understanding this complex problem.”

 

 

CyberTab is located at https://cybertab.boozallen.com
Read Riva Richmond’s blog post at http://www.economistinsights.com/technology-innovation/opinion/whats-damage

 

For more information, contact:
Mathew Hanratty, Press Liaison, +44 (0)20 7576 8546; MathewHanratty@economist.com
Riva Richmond, Editor, Economist Insights, +1 212 698 9710; RivaRichmond@eiu.com

About the Economist Intelligence Unit

The Economist Intelligence Unit (EIU) is the world's leading resource for economic and business research, forecasting and analysis. It provides accurate and impartial intelligence for companies, government agencies, financial institutions and academic organisations around the globe, inspiring business leaders to act with confidence since 1946. EIU products include its flagship Country Reports service, providing political and economic analysis for 195 countries, and a portfolio of subscription-based data and forecasting services. The company also undertakes bespoke research and analysis projects on individual markets and business sectors. More information is available at www.eiu.com or follow us on www.twitter.com/theeiu
 
The EIU is headquartered in London, UK, with offices in more than 40 cities and a network of some 650 country experts and analysts worldwide. It operates independently as the business-to-business arm of The Economist Group, the leading source of analysis on international business and world affairs.

About Booz Allen Hamilton

Booz Allen Hamilton has been at the forefront of strategy and technology consulting for 100 years. The firm provides services primarily to the US government, and to major corporations, institutions, and not-for-profit organizations. Booz Allen offers clients deep functional knowledge spanning consulting, analytics, mission operations, technology, and engineering. In 2014, Booz Allen celebrates its 100th anniversary year. To learn more, visit www.boozallen.com.

 

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-7241
Published: 2014-12-19
The TSUTAYA application 5.3 and earlier for Android allows remote attackers to execute arbitrary Java methods via a crafted HTML document.

CVE-2014-7249
Published: 2014-12-19
Buffer overflow on the Allied Telesis AR440S, AR441S, AR442S, AR745, AR750S, AR750S-DP, AT-8624POE, AT-8624T/2M, AT-8648T/2SP, AT-8748XL, AT-8848, AT-9816GB, AT-9924T, AT-9924Ts, CentreCOM AR415S, CentreCOM AR450S, CentreCOM AR550S, CentreCOM AR570S, CentreCOM 8700SL, CentreCOM 8948XL, CentreCOM 992...

CVE-2014-7267
Published: 2014-12-19
Cross-site scripting (XSS) vulnerability in the output-page generator in the Ricksoft WBS Gantt-Chart add-on 7.8.1 and earlier for JIRA allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-7268.

CVE-2014-7268
Published: 2014-12-19
Cross-site scripting (XSS) vulnerability in the data-export feature in the Ricksoft WBS Gantt-Chart add-on 7.8.1 and earlier for JIRA allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-7267.

CVE-2014-8272
Published: 2014-12-19
The IPMI 1.5 functionality in Dell iDRAC6 modular before 3.65, iDRAC6 monolithic before 1.98, and iDRAC7 before 1.57.57 does not properly select session ID values, which makes it easier for remote attackers to execute arbitrary commands via a brute-force attack.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.