Annual CSI Study: Cost of Cybercrime Is Skyrocketing
Average annual loss per company has more than doubled since last year, according to bellwether study
If your organization was hit hard in the wallet by cybercriminals in the past 12 months, you're not alone.
According to the Computer Security Institute's annual Computer Crime and Security Survey, which is scheduled for release later this week, companies reported average annual losses of $350,424 in the past year, up sharply from the $168,000 they reported the previous year. (See CSI/FBI: Violations, Losses Down and 10th Annual CSI/FBI Survey .)
This is the first year since 2002 that CSI -- which has developed the survey jointly with the FBI for 11 years -- has reported an increase in average annual losses. "Not since 2004 have average losses been this high," the CSI says in a sneak peek of its report.
For the first time, financial fraud overtook virus attacks as the source of the greatest financial losses, according to CSI. Virus losses, which had been the top cost for seven years straight, fell to second place. "But if separate categories concerned with the loss of customer and proprietary data are lumped together, however, then that combined category would be the second-worst cause of financial loss," the report says.
Insider abuse of network access or email surpassed virus incidents as the most prevalent security problem in the past year, with 59 and 52 percent of respondents reporting each, respectively.
Almost one fifth (18 percent) of respondents who suffered one or more types of security incidents in the past year also said they'd suffered at least one targeted attack -- a malware attack aimed exclusively at their organization or at organizations within a small subset of the general population.
The percentage of organizations reporting computer intrusions to law enforcement continued upward, reversing a decline over the past two years. Twenty-nine percent of respondents that experienced a security incident in the past 12 months reported it to the police; only 25 percent did so last year.
More details on the study, as well as a copy of the study itself, will be available on Dark Reading in the next few days.
Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.
About the Author
You May Also Like
A Cyber Pros' Guide to Navigating Emerging Privacy Regulation
Dec 10, 2024Identifying the Cybersecurity Metrics that Actually Matter
Dec 11, 2024The Current State of AI Adoption in Cybersecurity, Including its Opportunities
Dec 12, 2024Cybersecurity Day: How to Automate Security Analytics with AI and ML
Dec 17, 2024The Dirt on ROT Data
Dec 18, 2024