Hack Headlines Cause Financial Damage

Uploaded on 2017-03-23 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW

Some 14% of IT decision makers from large companies would pay more than $500,000 to avoid public shaming or other devastating consequences after a security breach. 

This is according to a survey by Bitdefender of 250 IT decision makers at companies in the US with more than 1,000 PCs.

The survey shows only a third of US companies would refuse to pay attackers if their infrastructure gets compromised while two-thirds would pay an average of $124K. From those who would pay, some 40% would give less than $10K, 26% between $10K and $100K, and 19% between $100K and $500K.

These results confirm that negative media headlines could cause substantial financial damage, ruin business forecasts and severely damage reputations.

In a recent case, officials from Verizon, which agreed to buy Yahoo’s core properties for $4.83B in July, told reporters that the company has “a reasonable basis” to suspect the Yahoo security breach, one of the largest ever, could have a meaningful financial impact on the deal. 

This further highlights the risk that cyber incidents could alter significant transactions and even destroy whole companies under the enormous pressure from both stakeholders and media. In the minds of board members, IT decision makers in C-level suites are to blame for breaches. Failure to mitigate and act quickly and efficiently in case of a breach can cost CIOs and IT manager their jobs.

Bitdefender’s survey shows 64% of IT decision makers think their company’s IT security budget is sufficient, while 26% say it is adequate but the company is understaffed. 

Another 7% say they have enough budget but it doesn’t support expansion. Only 3% of IT decision makers surveyed said the IT security budget in their company is insufficient. The IT decision makers, on average, say only 64% of cyber-attacks can be stopped, detected or prevented with the current resources.

Bitdefender’s survey also shows that 34% of companies acknowledge that they were breached in the past 12 months, while 74% of respondents don’t know how.

Cyber-criminals can spend large amounts of time inside organizations without being detected; Advanced Persistent Threats (APTs) are often defined as threats designed to evade detection. 

In the virtualisation paradigm, since nothing executed in raw memory is encrypted, just scrambled, APTs that try to execute malicious code on a virtual machine will be intercepted by Bitdefender’s hypervisor introspection technology long before they actually compromise the operating system. 

In fact, as soon as the malicious code, even delivered via a zero-day exploit, tries to execute in the VM’s memory, the introspection engine will immediately “see” the malicious action and the code that it was trying to execute.

Business Insights

Yahoo Spins A Cautionary Tale Dealing With Data Privacy:

Insurers Are Handling 'hundreds' Of Breach Claims:

UK’s Financial Centre Suffering Massive Ransomware Attacks:

 

 

« HSBC Appoints A Technology Advisory Board
Tomorrow's Smart Cities Will Be Data Driven »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Mielabelo

Mielabelo

Belgian consulting firm providing services in the security and compliance of information systems and IT service management.

National Cyber-Forensics & Training Alliance (NCFTA) - USA

National Cyber-Forensics & Training Alliance (NCFTA) - USA

NCFTA is a trusted alliance of private industry and law enforcement partners dedicated to information sharing and disrupting cyber-related threats.

The Media Trust

The Media Trust

The Media Trust continuously scans websites, ad tags and mobile apps and alerts on anomalies affecting websites and visitors.

Aiuken Cybersecurity

Aiuken Cybersecurity

Aiuken is an international IT Security company, focused on communications and IT technologies, specialised in Security and Cloud Services solutions with high added value.

Marlabs

Marlabs

Marlabs is a Digital Technology Solutions company that helps companies adopt digital transformation using a comprehensive framework including Digital Automation, Enterprise Analytics and Security.

boxxe

boxxe

boxxe create flexible IT infrastructures, collaborative global workspaces and data clarity, all underpinned by world-leading security.

Motorola Solutions

Motorola Solutions

Motorola Solutions build mission-critical services, software, video and analytics, backed by secure, resilient land mobile radio communications.

Cyber Coaching

Cyber Coaching

Cyber Coaching is a community for enhancing technical cyber skills, through unofficial certification training, cyber mentorship, and personalised occupational transition programs.

Harvey Nash

Harvey Nash

Harvey Nash is a leading global provider of talent and technology solutions.

QAlified

QAlified

QAlified offer independent testing and quality assurance services for software projects including security testing.

NormCyber

NormCyber

NormCyber provide award-winning cyber security and data protection as a service for midsize organisations.

Irys Technologies

Irys Technologies

Irys Technologies specialize in pioneering digital transformation solutions designed to streamline communications and enhance maintenance and operational efficiency for a variety of sectors.

eGeneration

eGeneration

eGeneration is one of the leading technology solutions and system integration companies in Bangladesh.

Hydden

Hydden

Hydden gives security teams the ability to create a solid foundation to build a truly next-gen identity security practice by bridging the gaps between siloed teams and technologies.

Tulpa AI

Tulpa AI

Tulpa develops safe AI assistants (co-pilots) to support and enhance human performance in high-stakes, mission-critical decision-making environments.

Axiler

Axiler

Axiler’s AI-driven self-healing architecture seamlessly detect, patch, and neutralize threats in real-time, ensuring systems remain secure and ever-adaptable.