Hack Headlines Cause Financial Damage

Some 14% of IT decision makers from large companies would pay more than $500,000 to avoid public shaming or other devastating consequences after a security breach. 

This is according to a survey by Bitdefender of 250 IT decision makers at companies in the US with more than 1,000 PCs.

The survey shows only a third of US companies would refuse to pay attackers if their infrastructure gets compromised while two-thirds would pay an average of $124K. From those who would pay, some 40% would give less than $10K, 26% between $10K and $100K, and 19% between $100K and $500K.

These results confirm that negative media headlines could cause substantial financial damage, ruin business forecasts and severely damage reputations.

In a recent case, officials from Verizon, which agreed to buy Yahoo’s core properties for $4.83B in July, told reporters that the company has “a reasonable basis” to suspect the Yahoo security breach, one of the largest ever, could have a meaningful financial impact on the deal. 

This further highlights the risk that cyber incidents could alter significant transactions and even destroy whole companies under the enormous pressure from both stakeholders and media. In the minds of board members, IT decision makers in C-level suites are to blame for breaches. Failure to mitigate and act quickly and efficiently in case of a breach can cost CIOs and IT manager their jobs.

Bitdefender’s survey shows 64% of IT decision makers think their company’s IT security budget is sufficient, while 26% say it is adequate but the company is understaffed. 

Another 7% say they have enough budget but it doesn’t support expansion. Only 3% of IT decision makers surveyed said the IT security budget in their company is insufficient. The IT decision makers, on average, say only 64% of cyber-attacks can be stopped, detected or prevented with the current resources.

Bitdefender’s survey also shows that 34% of companies acknowledge that they were breached in the past 12 months, while 74% of respondents don’t know how.

Cyber-criminals can spend large amounts of time inside organizations without being detected; Advanced Persistent Threats (APTs) are often defined as threats designed to evade detection. 

In the virtualisation paradigm, since nothing executed in raw memory is encrypted, just scrambled, APTs that try to execute malicious code on a virtual machine will be intercepted by Bitdefender’s hypervisor introspection technology long before they actually compromise the operating system. 

In fact, as soon as the malicious code, even delivered via a zero-day exploit, tries to execute in the VM’s memory, the introspection engine will immediately “see” the malicious action and the code that it was trying to execute.

Business Insights

Yahoo Spins A Cautionary Tale Dealing With Data Privacy:

Insurers Are Handling 'hundreds' Of Breach Claims:

UK’s Financial Centre Suffering Massive Ransomware Attacks:

 

 

« HSBC Appoints A Technology Advisory Board
Tomorrow's Smart Cities Will Be Data Driven »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

XenArmor

XenArmor

XenArmor products include NetCertScanner, an enterprise software to scan & manage expired SSL Certificates on your local network or internet.

Kernelios

Kernelios

Kernelios is a simulator-based training center and an incubator for cyber experts worldwide.

Simula Research Laboratory

Simula Research Laboratory

Simula Research Laboratory carries out research in the fields of communication systems, scientific computing and software engineering.

Baffin Bay Networks

Baffin Bay Networks

Baffin Bay Networks operates globally distributed Threat Protection Centers™, offering DDoS protection, Web Application Protection and Threat Inspection.

Wiser Market

Wiser Market

Wiser Market is a leading company in global online brand protection services, intellectual property protection, anti-Counterfeit & trademark infringements.

FortifyData

FortifyData

FortifyData is the next generation of cyber risk management–a comprehensive platform that continuously evaluates your third-party, internal and people risks.

Cyway

Cyway

Cyway is a value-added cybersecurity distributor focusing on on-prem, cloud solutions and hybrid solutions, IoT, AI & machine learning IT security technologies.

Immuta

Immuta

Immuta empowers data engineering and operations teams to automate data governance, security, access control & privacy protection.

Internet Security Research Group (ISRG)

Internet Security Research Group (ISRG)

ISRG's mission is to reduce financial, technological, and educational barriers to secure communication over the Internet.

Silicon Labs

Silicon Labs

Silicon Labs are a leader in secure, intelligent wireless technology for a more connected world. We provide award-winning hardware and software security to help safeguard connected devices.

Hayes Connor Solicitors

Hayes Connor Solicitors

Hayes Connor Solicitors is a specialist data breach and cybercrime law firm. We act for clients on individual data breaches and also where a group has been compromised as part of a targeted attack.

Saudi Information Technology Company (SITE)

Saudi Information Technology Company (SITE)

SITE is a forward-thinking enterprise, which aims at revitalizing Saudi Arabia’s digital infrastructure, cybersecurity, software development, and big data and analytics capabilities.

TRM Labs

TRM Labs

TRM enables risk management and compliance for a global community of financial institutions, cryptocurrency businesses and government agencies.

DuckDuckGoose

DuckDuckGoose

DuckDuckGoose offer advanced solutions to protect against manipulated videos, images, voices and texts.

TeKnowledge

TeKnowledge

TeKnowledge enables governments and enterprises around the world to navigate the challenges with digital transformation today and tomorrow with elite cybersecurity protection and managed services.

C/side (cside)

C/side (cside)

At c/side, we're creating the ultimate delivery, performance and detection mechanism for browser-side fetched 3rd party Javascript.