The median cost of cybercrime has increased by an estimated 56 percent, costing companies an average of $6 million each year, according to a new study by the Ponemon Institute.

The Second Annual Cost of Cyber Crime Study found that organizations pay between $1.5 million to $36.5 million each year, which represents an increase of 56 percent from the median cost reported in the first study published in July 2010. Ponemon interviewed 50 U.S.-based businesses, ranging in size from 700 to 139,000 employees, about “the direct, indirect, and opportunity costs that resulted from the loss or theft of information, disruption to business operations, revenue loss, and destruction of property, plant, and equipment.”

Over a four-week period of study, the surveyed organizations experienced 72 successful attacks per week, an increase of nearly 45% from last year. The resulting cybersecurity costs incurred by organizations included information loss (40% of the total cost), business disruption (28%), revenue loss (18 %), and equipment damage (9%).

“Instances of cybercrime have continued to increase in both frequency and sophistication, with the potential impact to an organization’s financial health becoming more substantial,” said Tom Reilly, VP and general manager, Enterprise Security at HP. “Organizations in the most targeted industries are reducing the impact by leveraging security and risk management technologies, which is grounds for optimism in what continues to be a fierce fight against cybercrime.”

The study also revealed the types of cyber-attacks organizations face, with 100 percent of the surveyed organizations reporting attacks through viruses, worms or Trojans. They were followed by malware (96%), botnets (82%), Web-based attacks (64%), stolen devices (44%), malicious code (42%), malicious insiders (30%), and phishing and social engineering (30%).

The costliest attacks were denial of service, which cost about $188,000 a year, followed by Web-based attacks ($142,000), malicious code ($127,000), and malicious insiders ($105,000).

“As the sophistication and frequency of cyberattacks increases, so too will the economic consequences,” said Dr. Larry Ponemon, chairman and founder of the Ponemon Institute. “Figuring out how much to invest in security starts with understanding the real cost of cybercrime.”

Related News

Chandler Harris is a freelance business and technology writer located in Silicon Valley. He has written for numerous publications including Entrepreneur, InformationWeek, San Jose Magazine, Government Technology, Public CIO,, U.S. Banker, Digital Communities Magazine, Converge Magazine, Surfer's Journal, Adventure Sports Magazine,, and the San Jose Business Journal. Chandler is also engaged in helping companies further their content marketing needs through content strategy, optimization and creation, as well as blogging and social media platforms. When he's not writing, Chandler enjoys his beach haunt of Santa Cruz where he rides roller coasters with his son, surfs and bikes across mountain ranges.