search.noResults

search.searching

dataCollection.invalidEmail
note.createNoteMessage

search.noResults

search.searching

orderForm.title

orderForm.productCode
orderForm.description
orderForm.quantity
orderForm.itemPrice
orderForm.price
orderForm.totalPrice
orderForm.deliveryDetails.billingAddress
orderForm.deliveryDetails.deliveryAddress
orderForm.noItems
FEATURE


cybersecurityeurope PAGE 52


SNAPSHOT: ATTACK CONSEQUENCES COSTS


The diff erential costs of business disruption to the 237 organisations polled in this analysis includes staff productivity and business process failures.


40%


20% 30%


10% 0%


BUSINESS DISRUPTION


of


INFORMATION LOSS


REVENUE LOSS


36% 39% 39% 35% 20% 21% 4% 4%


EQUIPMENT DAMAGES


recovery — an ‘acceptable


business expense’, even. And a survey conducted by McAfee for its How Misaligned Incentives Work Against Cyber Security report found that some executives viewed the fi nancial costs of cyber crime as tantamount to ‘the cost of doing business’, and were ‘more concerned with reputational damage than the actual losses’.


data feeds impact calculations As McAfee points out, cyber crime cost estimations face several problems, such as underreporting by victims, and the low level of data collection by governments. For example, the Offi ce of National Statistics has estimated that only around 14% of UK cyber fraud is reported. Understanding the economic impacts of cyber crime is a relatively new exercise. There’s a limited amount it can learn from how the fi nancial costs of traditional criminal activity have been assessed. ‘Governments can tell you the number of postage stamp thefts, but not online crime,’ McAfee adds. ‘A failure to collect data is compounded by reluctance on the part of companies to report they have been victims. Data collection remains problematic, national estimates imprecise.’


1% 2%


OTHER COSTS


FY 2016 FY 2015


SNAPSHOT: SPECTRUM OF LOSS IMPACTS


This broader study of business disruption surveyed European (475), APAC (739) and Australian (279) organisations.


EUROPE


LOSS OF PRODUCTIVITY CORRUPTED BUSINESS DATA INTELLECTUAL PROPERTY LOSS OF REPUTATION LOSS OF CUSTOMERS DISTRUST


PSYCHOLOGICAL STRESS EXTERNAL FINES LITIGATION


APAC AUSTRALIA


40% 43% 41% 31% 44% 37% 27% 34% 33% 33% 35% 33% 27% 33% 32% 30% 35% 26% 27% 29% 25% 19% 20% 20% 21% 23% 20%


Therefore, the raw data necessary to feed properly-informed calculations is usually not available to third-party agencies — often because targets of cyber crime are not able to audit its eff ects on their fi nances. Because of the change-driven dynamics of the cyber threat landscape, such models have to base themselves on variables which are elusive and hard to apply across disparate incidents. Nevertheless, that boardrooms and c-suites gain some grasp of the parameters is important, because it’s becoming an increasingly high-profi le aspect of governance in organisations in the private, public and third sectors. It’s also gained importance because decision-making around digital security expenditure is likely to be conditioned by the perceived fi nancial value of the assets cyber criminals want to steal, or of the fi nancial impacts of the disruption their actions cause. There’s not much point in spending more on the protection of assets than they are actually worth — especially if your IT resources are already stretched to provide basic security of digital systems due to business expansion. A third consideration is that actual and projected cyber crime


cost estimates will likely become a staple requirement of fi nancial reporting. For publicly-listed companies, the declaration of some reasonably reliable estimate of fi nancial liabilities due to cyber crime provides a basic metric by which funding of defensive cyber security proposals can be assessed — and justifi ed to regulators, partners, investors and others who challenge decisions that have been taken or not taken. Some proprietary models can be found via a Web search, and can provide useful starting points.


Executives seeking to gain an understanding of potential cyber crime cost impacts must recognise those costs come in several forms.


SOURCE: PONEMON INSTITUTE


SOURCE: TELSTRA SECURITY REPORT


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52  |  Page 53  |  Page 54  |  Page 55  |  Page 56  |  Page 57  |  Page 58