While the financial cost of cyber crime has surged globally, Australian firms have not been hit as hard as their offshore counterparts, new research has confirmed.
The cost of cyber-attacks have jumped 23 per cent this year, according to a report jointly released by Accenture and the Ponemon Institute, an independent US researcher on privacy and data protection.
The research found that companies on average suffer 130 breaches per year, up 27.4 on last year and almost double what it was five years ago.
After conducting a survey of 254 firms, the report found that these breaches resulted in a collective average hit of US$11.7 million in 2017.
"Breaches are defined as core network or enterprise system infiltrations," the release said.
Surge follows WannaCry
This surge in attacks follows series of infamous malware attacks including WannaCry and Petya, which cost several global firms hundreds of millions of dollars in lost revenues.
Of the 7 countries surveyed, US companies reported the highest average annual cost at US$21 million, while Australian firms had the lowest, at US$5.4 million.
Germany experienced the biggest increase in total cybercrime costs from US$7.84 million to US$11.15 million.
Japan saw a 22 per cent increase in costs to US$10.45 million – the third highest increase of the countries surveyed.
Costs also varied considerably by the type of cyber-attack with malware and web-based attacks being the most expensive.
Each malware infection that happens costs around $2.4 million, on average, the release said.
Hard to fix
What’s particularly scary though is that it is that these types of cyber crimes are taking longer to mitigate.
Ransomware attacks are taking an average of more than 23 days to resolve, the report found.
This compares to incidents involving malicious insiders which are taking on average 50 days to fix.
Meanwhile, 27 per cent of respondents reported that they were targets of successful ransomware attacks this year, more than double the 13 per cent reported last year.
For companies in Germany and Australia, 23 per cent of total annual cyber incident costs are due to malware attacks, the release said.
In France, 20 per cent of the total cybercrime annual costs are attributed to web-based attacks.
Loss of information damaging
Denial of service attacks account for 15 per cent of total cybercrime annual costs in both Germany and the UK.
In their research,Accenture and Ponemon looked at four impacts on organisations that suffered a cyber-attack: business disruption, loss of information, loss of revenue, and damage to equipment.
Loss of information was the most damaging impact for 43 per cent of respondents.
“The foundation of a strong and effective security program is to identify and ‘harden the most-high value assets,” said Larry Ponemon, founder of the Ponemon Institute.
“While steady progress has been made in improving cyber defense, a better understand of the cost of cybercrime could help businesses bridge the gap between their own vulnerabilities and the escalating creativity – and numbers – of threat actors,” he said.
Banks and insurers are the worst hit, with an average annual cost of US$18.28 million.