Cybercrime Costs Businesses $11.7 Million Per Year

Hilary Tuttle


November 1, 2017

cybercrime cost

According to the 2017 Cost of Cyber Crime Study from Accenture and the Ponemon Institute, the average cost of cybercrime globally climbed to $11.7 million per organization this year, a 23% increase from $9.5 million in 2016.

A company suffers an average of 130 breaches (defined as core network or enterprise system infiltrations) per year, a 27% increase from 2016, with malware and web-based attacks posing the costliest threats, to the tune of $2.4 million and $2 million, respectively.

Spending on security that takes a more enterprise-wide approach to risk proved most effective at reducing the costs of identifying and remediating cyberattacks. Of the technologies evaluated, investments in security intelligence systems, which help companies identify and prioritize internal and external threats, delivered the greatest operational savings at $2.8 million. While advanced perimeter controls currently receive the highest percentage of cybersecurity budgets, they reduced costs by only $1 million.

The time required to resolve cyber incidents is also increasing—it takes an average of 50 days to mitigate incidents involving malicious insiders and 23 days to mitigate ransomware attacks.

Hilary Tuttle is managing editor of Risk Management.