based research institution recently released an October 2015 study, “Cost of Cyber Crime,” sponsored by Hewlett Packard Enterprise. This study, which was based on data from 52 U.S. based multinational corporations and 252 companies in 7 countries, found that the mean annualized cost for cyber crime is $15 million per year. This range, which varied from company to company, was dependent on the size of the company and the measures taken to mitigate cyber threats from both external and internal nefarious actors. Additionally, the 2015 mean annualized cost of $15 million per year has increased $2.7 million from $12.7 million in 2014, showing a gradual increase. Of those losses based on cyber crimes conducted year to year, the costliest have been those caused by denial of services [1] ($255,470 FY15), malicious insiders [2] ($179,805 FY15), and malicious code [3] ($164,500 …
According to Ponemon’s study, there are four potential consequences of a successful cyber attack: the loss of information, disruption of business, loss of revenue and damage to equipment. Over the last six years, 42 percent of cyber attacks have resulted in information loss, compared to the 17 percent which have resulted in the actual loss of revenue. As such, taking steps to protect confidential information is more than a sound business decision to protect or support a company’s direct stakeholders. In many ways it is a part of a social contract wherein it is your ethical and legal obligation to exercise the vigilance needed to protect confidential data. There is no better example of how failing to properly secure your systems from cyber attacks can negatively affect the masses than the high profile cyber attack on the Office of Personnel Management (OPM). In June of 2015, OPM announced that the “background investigation records of millions of current, former and prospective federal employees and contractors had been stolen in a cyber intrusion” that had been ongoing since early 2014. OPM, which conducts approximately 90 percent of the government’s background investigations, was warned since at least 2007 of “significant deficiencies in its cyber security protocol and failed to take steps to remedy those