Hack Headlines Cause Financial Damage

Some 14% of IT decision makers from large companies would pay more than $500,000 to avoid public shaming or other devastating consequences after a security breach. 

This is according to a survey by Bitdefender of 250 IT decision makers at companies in the US with more than 1,000 PCs.

The survey shows only a third of US companies would refuse to pay attackers if their infrastructure gets compromised while two-thirds would pay an average of $124K. From those who would pay, some 40% would give less than $10K, 26% between $10K and $100K, and 19% between $100K and $500K.

These results confirm that negative media headlines could cause substantial financial damage, ruin business forecasts and severely damage reputations.

In a recent case, officials from Verizon, which agreed to buy Yahoo’s core properties for $4.83B in July, told reporters that the company has “a reasonable basis” to suspect the Yahoo security breach, one of the largest ever, could have a meaningful financial impact on the deal. 

This further highlights the risk that cyber incidents could alter significant transactions and even destroy whole companies under the enormous pressure from both stakeholders and media. In the minds of board members, IT decision makers in C-level suites are to blame for breaches. Failure to mitigate and act quickly and efficiently in case of a breach can cost CIOs and IT manager their jobs.

Bitdefender’s survey shows 64% of IT decision makers think their company’s IT security budget is sufficient, while 26% say it is adequate but the company is understaffed. 

Another 7% say they have enough budget but it doesn’t support expansion. Only 3% of IT decision makers surveyed said the IT security budget in their company is insufficient. The IT decision makers, on average, say only 64% of cyber-attacks can be stopped, detected or prevented with the current resources.

Bitdefender’s survey also shows that 34% of companies acknowledge that they were breached in the past 12 months, while 74% of respondents don’t know how.

Cyber-criminals can spend large amounts of time inside organizations without being detected; Advanced Persistent Threats (APTs) are often defined as threats designed to evade detection. 

In the virtualisation paradigm, since nothing executed in raw memory is encrypted, just scrambled, APTs that try to execute malicious code on a virtual machine will be intercepted by Bitdefender’s hypervisor introspection technology long before they actually compromise the operating system. 

In fact, as soon as the malicious code, even delivered via a zero-day exploit, tries to execute in the VM’s memory, the introspection engine will immediately “see” the malicious action and the code that it was trying to execute.

Business Insights

Yahoo Spins A Cautionary Tale Dealing With Data Privacy:

Insurers Are Handling 'hundreds' Of Breach Claims:

UK’s Financial Centre Suffering Massive Ransomware Attacks:

 

 

« HSBC Appoints A Technology Advisory Board
Tomorrow's Smart Cities Will Be Data Driven »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

eSentire

eSentire

eSentire is the authority in Managed Detection and Response Services, protecting the critical data and applications of organizations from known and unknown cyber threats.

F5 Networks

F5 Networks

F5 products ensure that network applications are always secure and perform the way they should—anywhere, any time, and on any device.

Electric Imp

Electric Imp

Electric Imp offers an innovative and powerful Internet of Things platform that securely connects devices with advanced cloud computing resources.

Nozomi Networks

Nozomi Networks

Nozomi Networks is a leader in Industrial Control System (ICS) cybersecurity, with a comprehensive platform to deliver real-time cybersecurity and operational visibility.

Information System Security Directorate (ISSD) - Afghanistan

Information System Security Directorate (ISSD) - Afghanistan

Information System Security Directorate (ISSD) is the Directorate of MCIT responsible for the security of critical information infrastructures in Afghanistan.

SpyCloud

SpyCloud

SpyCloud is a leader in account takeover (ATO) prevention, protecting billions of consumer and employee accounts either directly or through product integrations.

Penten

Penten

Penten is an Australian-based cyber security company focused on innovation in secure mobility and applied AI (artificial intelligence).

TechDemocracy

TechDemocracy

TechDemocracy are a trusted, global cyber risk assurance solutions provider whose DNA is rooted in cyber advisory, managed and implementation services.

Alias Robotics

Alias Robotics

Alias Robotics is a robot cyber security company. We deliver cyber security solutions for robots and robot components.

Coretelligent

Coretelligent

Coretelligent is a leading providers of Managed and Co-Managed IT, cybersecurity and private cloud services.

Diversified Search Group - Alta Associates

Diversified Search Group - Alta Associates

Diversified Search Group is an industry leader in recruiting diverse, inclusive and transformational leadership for clients.

Pistachio

Pistachio

Pistachio is the new evolution of cybersecurity awareness training and attack simulations.

Flawnter

Flawnter

Flawnter is a security testing software that finds hidden security and quality flaws in your applications.

Iron Mountain

Iron Mountain

Iron Mountain Incorporated is a global business dedicated to storing, protecting and managing, information and assets.

Phone Monitoring Service

Phone Monitoring Service

Phone Monitoring Service provides cyber security services, ethical hacking services, social media hacking services in the USA, Canada, Europe.

Neo Auth

Neo Auth

Neo Auth is an identity and access management solution to help organizations optimize their cybersecurity processes.