Hack Headlines Cause Financial Damage

Uploaded on 2017-03-23 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW

Some 14% of IT decision makers from large companies would pay more than $500,000 to avoid public shaming or other devastating consequences after a security breach. 

This is according to a survey by Bitdefender of 250 IT decision makers at companies in the US with more than 1,000 PCs.

The survey shows only a third of US companies would refuse to pay attackers if their infrastructure gets compromised while two-thirds would pay an average of $124K. From those who would pay, some 40% would give less than $10K, 26% between $10K and $100K, and 19% between $100K and $500K.

These results confirm that negative media headlines could cause substantial financial damage, ruin business forecasts and severely damage reputations.

In a recent case, officials from Verizon, which agreed to buy Yahoo’s core properties for $4.83B in July, told reporters that the company has “a reasonable basis” to suspect the Yahoo security breach, one of the largest ever, could have a meaningful financial impact on the deal. 

This further highlights the risk that cyber incidents could alter significant transactions and even destroy whole companies under the enormous pressure from both stakeholders and media. In the minds of board members, IT decision makers in C-level suites are to blame for breaches. Failure to mitigate and act quickly and efficiently in case of a breach can cost CIOs and IT manager their jobs.

Bitdefender’s survey shows 64% of IT decision makers think their company’s IT security budget is sufficient, while 26% say it is adequate but the company is understaffed. 

Another 7% say they have enough budget but it doesn’t support expansion. Only 3% of IT decision makers surveyed said the IT security budget in their company is insufficient. The IT decision makers, on average, say only 64% of cyber-attacks can be stopped, detected or prevented with the current resources.

Bitdefender’s survey also shows that 34% of companies acknowledge that they were breached in the past 12 months, while 74% of respondents don’t know how.

Cyber-criminals can spend large amounts of time inside organizations without being detected; Advanced Persistent Threats (APTs) are often defined as threats designed to evade detection. 

In the virtualisation paradigm, since nothing executed in raw memory is encrypted, just scrambled, APTs that try to execute malicious code on a virtual machine will be intercepted by Bitdefender’s hypervisor introspection technology long before they actually compromise the operating system. 

In fact, as soon as the malicious code, even delivered via a zero-day exploit, tries to execute in the VM’s memory, the introspection engine will immediately “see” the malicious action and the code that it was trying to execute.

Business Insights

Yahoo Spins A Cautionary Tale Dealing With Data Privacy:

Insurers Are Handling 'hundreds' Of Breach Claims:

UK’s Financial Centre Suffering Massive Ransomware Attacks:

 

 

« HSBC Appoints A Technology Advisory Board
Tomorrow's Smart Cities Will Be Data Driven »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Information Security Group (ISG) - Royal Holloway

Information Security Group (ISG) - Royal Holloway

The Information Security Group, Royal Holloway, University of London, is an Academic Centres of Excellence in Cyber Security Research.

LRQA Nettitude

LRQA Nettitude

LRQA Nettitude is an award-winning global provider of cybersecurity services, bringing innovative thought leadership to the ever-evolving cybersecurity marketplace.

CyberOne

CyberOne

CyberOne (formerly Comtact) offer a full stack cybersecurity service to ensure our customers understand the cyber maturity of their organisation.

Dark Cubed

Dark Cubed

Dark Cubed is an easy-to-use cyber security software as a service (SaaS) platform that deploys instantly and delivers enterprise-grade threat identification and protection at a fraction of the cost.

Achtwerk

Achtwerk

Achtwerk manufacture the security appliance IRMA for critical infrastructures and networked automation in production plants.

Me Learning

Me Learning

Me Learning provides engaging, informative and clearly explained learning materials for complex and challenging professional environments in areas including GDPR and Information Governance.

Computer Forensics Consult (CFC)

Computer Forensics Consult (CFC)

Computer Forensics Consult provides disaster recovery, computer forensics, electronic discovery and litigation support services in the growing area of Cyber Security.

National Initiative for Cybersecurity Education (NICE)

National Initiative for Cybersecurity Education (NICE)

NICE is a partnership between government, academia, and the private sector focused on cybersecurity education, training, and workforce development.

ISMS.online

ISMS.online

ISMS.online is a cloud software solution for fast & cost-effective implementation of an information security management system and achieve compliance with ISO 27001 and other standards.

Cohesity

Cohesity

Cohesity radically simplifies the way businesses back up, manage, protect, and extract value from their data—in the data center, at the edge, and in the cloud.

Security Weaver

Security Weaver

Security Weaver is a leading provider of governance, risk and compliance management (GRCM) software.

Switchfast Technologies

Switchfast Technologies

Switchfast Technologies is an IT consulting and managed services provider, offering IT support and consulting to Chicagoland small businesses.

Hubify

Hubify

Hubify is an experienced, service-driven technology company specialising in business connectivity across mobile, data, voice, cloud, & cyber security solutions.

Acumenis

Acumenis

At Acumenis, we help organisations of all sizes to manage information security effectively. Our key services are penetration testing, ISO 27001 implementations, and security

Synersoft BLACKbox

Synersoft BLACKbox

Synersoft, the maker of path-breaking and disruptive technology for SMEs, now branded as BLACKbox, is an incubated and invested portfolio company of CIIE - IIM-Ahmedabad.

Cyber Guru

Cyber Guru

Cyber Guru is an effective cybersecurity awareness training platform, enabling organisations to increase their resistance to cyber-attacks by changing employee behaviour.