sb-nz logo
Story image

Malware and malicious insiders account for a third cybercrime costs

01 Apr 2019

The cost to global companies from malware and “malicious insider” related cyber attacks jumped 12 per cent in 2018 and accounted for one-third of all cyberattack costs, according to new research published today by Accenture and the Ponemon Institute.

Based on interviews with more than 2,600 security and information technology (IT) professionals at 355 organisations worldwide, Accenture’s 2019 "Cost of Cybercrime Study" found that the cost to companies due to malware increased 11 per cent, to more than US$2.6 million (NZ$3.76 million) per company, on average, and the cost due to malicious insiders, defined as employees, temporary staff, contractors and business partners, jumped 15 per cent, to US$1.6m  (NZ$2.3m) per organisation, on average.

Together these two types of cyber attacks accounted for one-third of the total US$13.0m (NZ$18.8m) cost to companies, on average, from cybercrime in 2018, an increase of US$1.3m (NZ$1.8m) in the past year. Similarly, the cost to companies from phishing and from social engineering increased to US$1.4 million (NZ$2m) per organisation, on average.

The study calculated cybercrime costs as what an organisation spends to discover, investigate, contain and recover from cyber attacks over a four-consecutive-week period, as well as expenditures that result in after-the-fact activities — i.e., incident-response activities designed to prevent similar attacks — and efforts to reduce business disruption and the loss of customers.

Accenture New Zealand MD Justin Gray says, “In New Zealand, we are facing similar issues to our global counterparts. From people to data to technologies, every aspect of a business invites risk and too often security teams are not closely involved with securing new innovations.

“Security is everyone’s responsibility and it’s time for a more holistic and preventative approach to cyber risk management, especially as the way we live, work and play become increasingly digitised. By understanding where they can gain value in their cybersecurity efforts, leaders in New Zealand can minimise the consequences, and even prevent, future attacks.”

Story image
Sophos named mobile security Leader in IDC MarketScape
Sophos Intercept X for Mobile has capabilities in protecting Android, iOS and Chrome OS users from known and never before seen mobile threats.More
Story image
Jamf extends Microsoft collaboration with iOS Device Compliance
Organisations will soon be able to use Jamf for Apple ecosystem management while using Azure Active Directory and Microsoft Endpoint manager to maintain conditional access.More
Story image
CrowdStrike integrates with ServiceNow program to bolster incident response
As part of the move, users can now integrate device data from the CrowdStrike Falcon platform into their incident response process, allowing for the improvement of both the security and IT operation outcomes.More
Story image
The SASE triangle: How a CASB protects managed apps
Enterprises that fail to adapt to the modern business world when it comes to security are likely to fall prey to data breaches and experience a host of other problems, writes Bitglass product marketing manager Will Houcheime.More
Story image
Global attack volume down, but fraud and cyber threats still going strong
“The move to digital, for both businesses and consumers, has been significant. Yet with this change comes opportunity for exploitation. Fraudsters look for easy targets: whether government support packages, new lines of credit or media companies with fewer barriers to entry."More
Link image
Cloud infrastructure sprawl a major issue for digital business
MoneySupermarket Group shares how performance monitoring helped him reduce cloud costs by 50%, among other business benefits.More