Hack Headlines Cause Financial Damage

Some 14% of IT decision makers from large companies would pay more than $500,000 to avoid public shaming or other devastating consequences after a security breach. 

This is according to a survey by Bitdefender of 250 IT decision makers at companies in the US with more than 1,000 PCs.

The survey shows only a third of US companies would refuse to pay attackers if their infrastructure gets compromised while two-thirds would pay an average of $124K. From those who would pay, some 40% would give less than $10K, 26% between $10K and $100K, and 19% between $100K and $500K.

These results confirm that negative media headlines could cause substantial financial damage, ruin business forecasts and severely damage reputations.

In a recent case, officials from Verizon, which agreed to buy Yahoo’s core properties for $4.83B in July, told reporters that the company has “a reasonable basis” to suspect the Yahoo security breach, one of the largest ever, could have a meaningful financial impact on the deal. 

This further highlights the risk that cyber incidents could alter significant transactions and even destroy whole companies under the enormous pressure from both stakeholders and media. In the minds of board members, IT decision makers in C-level suites are to blame for breaches. Failure to mitigate and act quickly and efficiently in case of a breach can cost CIOs and IT manager their jobs.

Bitdefender’s survey shows 64% of IT decision makers think their company’s IT security budget is sufficient, while 26% say it is adequate but the company is understaffed. 

Another 7% say they have enough budget but it doesn’t support expansion. Only 3% of IT decision makers surveyed said the IT security budget in their company is insufficient. The IT decision makers, on average, say only 64% of cyber-attacks can be stopped, detected or prevented with the current resources.

Bitdefender’s survey also shows that 34% of companies acknowledge that they were breached in the past 12 months, while 74% of respondents don’t know how.

Cyber-criminals can spend large amounts of time inside organizations without being detected; Advanced Persistent Threats (APTs) are often defined as threats designed to evade detection. 

In the virtualisation paradigm, since nothing executed in raw memory is encrypted, just scrambled, APTs that try to execute malicious code on a virtual machine will be intercepted by Bitdefender’s hypervisor introspection technology long before they actually compromise the operating system. 

In fact, as soon as the malicious code, even delivered via a zero-day exploit, tries to execute in the VM’s memory, the introspection engine will immediately “see” the malicious action and the code that it was trying to execute.

Business Insights

Yahoo Spins A Cautionary Tale Dealing With Data Privacy:

Insurers Are Handling 'hundreds' Of Breach Claims:

UK’s Financial Centre Suffering Massive Ransomware Attacks:

 

 

« HSBC Appoints A Technology Advisory Board
Tomorrow's Smart Cities Will Be Data Driven »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Globalscape

Globalscape

Globalscape is a leader in secure data exchange solutions.

Recorded Future

Recorded Future

Recorded Future arms security teams with threat intelligence powered by patented machine learning to lower risk.

Core Security

Core Security

Core Security provides threat-aware identity, access, authentication and vulnerability management solutions.

Cycuity

Cycuity

Cycuity (formerly Tortuga Logic) is a cybersecurity company that is transforming the way we secure silicon with comprehensive hardware security assurance.

SkillCube

SkillCube

SkillCube is one of the pioneers in India focusing on Cyber Security Skill Development Solutions.

Infosec Train

Infosec Train

Infosec Train provide professional training, certifications & professional services related to all spheres of Information Technology and Cyber Security.

Sigma IT

Sigma IT

SIGMA IT is one of the largest IT services organizations in EMEA region providing a full range of solutions and services including cybersecurity, data protection and business continuity.

Thrive

Thrive

Thrive delivers the experience, resources, and expertise needed to create a comprehensive cyber security plan that covers your vital data, SaaS applications, end users, and critical infrastructure.

Onesecure Asia

Onesecure Asia

ONESECURE Asia’s expertise and services are built around its mission to provide reliable, robust and scalable technology solutions to cater for its customers’ needs.

Noname Security

Noname Security

Noname Security detects and resolves API vulnerabilities and misconfigurations before they are exploited.

MainNerve

MainNerve

MainNerve helps secure networks, applications, people, and facilities… enabling businesses to reduce risk and increase their cybersecurity posture.

Cyber Management Alliance

Cyber Management Alliance

Cyber Management Alliance is closing the divide in cyberspace by bringing together the best qualities of thought leadership and operational mastery of cyber security management.

Alset Technologies

Alset Technologies

Alset Technologies provides DASH - a comprehensive solution to DISA STIG (Security Technical Implementation Guide) compliance.

NetSfere

NetSfere

NetSfere provides next-generation messaging and mobility solutions to carriers and enterprises globally including its enterprise-grade, secure mobile messaging platform NetSfere Enterprise.

System Two Security

System Two Security

System Two Security automates detection engineering and threat hunting.

TorchLight

TorchLight

TorchLight designs and manages cybersecurity that moves at the speed of opportunity to defend against business risks and illuminate the path to security.