Cost of data breaches rises nearly 70 per cent in the past year

HP has reported a 70 per cent rise in the cost of dealing with a successful online attack over the past year, putting the average figure at $416,000.

The company's second annual Cost of Cyber Crime Study, carried out by the Ponemon Institute, found that organisations typically experience 72 successful attacks a week, up from 50 last year.

The majority of these are harmless, but the most expensive breach reported among the companies surveyed cost $36.5m.

The research covered malware, denial-of-service, stolen devices and web-based attacks, and found that the average time to remedy a successful breach rose from 14 to 18 days.

However, insider attacks are the hardest to lock down, typically taking 45 days to resolve.

"The type of organisation makes a great difference, with defence, energy/utilities, and financial services firms incurring the highest costs independent of their size," Ryan Kalember, director of products at HP, told V3.

"However, the study found that the organisations with more mature security programmes, as evidenced by their use of sophisticated detection technology like security information and event management, and mature processes like governance, risk and compliance management, incurred lower overall costs, despite their size and appeal as a target."

The biggest costs come in recovery and detection, accounting for 45 per cent of the final figure. However, network downtime is also a significant cost and there is often less tangible damage.

"Reputation loss is not measured in our activity-based costing framework. Frankly, this is a difficult concept to measure empirically," Larry Ponemon, chairman of the Ponemon Institute, told V3.

"However, we acknowledge that it could be among the most significant costs for certain organisations, such as the recent security breach at Sony."