Below are a few interesting data points from the Ponemon Institute 2017 Cost of Cyber Crime Study, jointly developed with Accenture:
Notably, the average annualized cost for financial services companies is over $17M, and include evolving business models by criminals, including ransomware as a service. Information loss, such as with Equifax, represents the largest cost component with a rise from 35% to 43% year on year. PS, it is more than worth watching John Oliver’s story on Equifax, because there is so much more to it than the media reported. Also, for those of you that have frozen their credit, my favorite is Experian’s automated message telling callers that “in case you are calling regarding the Equifax debacle”, you should call them and not Experian, as “this is a different company”.
But I digress. Ponemon looked at nine security technologies (security intelligence systems, advanced identity and access governance, automation, cyber analytics, advanced perimeter controls, encryption technologies, data loss prevention, enterprise deployment of governance, risk, compliance, automated policy management) and found that most firms spend too much on the wrong ones. The Compliance Strategy Institute (CSI) in its global roundtable series NY/Boston/London/Paris had numerous CISOs and heads of IT and data participate in the workshops to better understand the data and technology needs for compliance, risk, legal and operations executives. The ongoing CSI task force around cybersecurity and technology is exploring these global themes further on an ongoing basis, alongside Compliance Solutions Strategies (CSS).