Cybercrime Can Cost Organizations $11.56 Million per Year

Today’s IP news roundup highlights some of the latest headlines in network security:

• According to a study by the Ponemon Institute, the costs of responding to a cyberattack have increased 78% within the past four years. Enterprises that experience attacks now pay an average of $11.56 million per year in related detection, investigation and recovery costs. This is due to the fact that cybercriminals are becoming more sophisticated, increasing the volume of their attacks and staying undetected on networks for longer periods. In addition, organizations are taking better measures to detect and respond to threats, which can also drive up costs. For more highlights from the study, along with tips on how to lower cybercrime costs, see the SearchSecurity blog.
• Enterprises are not doing enough to prevent insider attacks. The Vormetric 2013 Insider Threat Report revealed that although enterprises are concerned about insider threats and data breaches, 73% do not block privileged user access to sensitive data and are at greater risk. Meanwhile, 48% of the survey’s respondents only review sensitive data access on a monthly basis, while 76% cannot detect unauthorized data access in real time. For more highlights from the study, see ComputerWeekly.com.
• Millennials are not encouraged to go after cybersecurity jobs. Although the demand for network systems and information security professionals is expected to increase 53% through 2018, the “Raytheon Millennial Cybersecurity Survey Report” revealed that young people are not encouraged to pursue careers in these areas. According to the report, 82% of 18- to 26-year-olds said that no high school teacher or guidance counselor mentioned cybersecurity as a possible career choice. Meanwhile, 24% of respondents expressed interest in this field. The study also found a gender gap, as 35% of young men stated they would consider a cybersecurity career, compared to only 14% of young women. For more information on millennials in the security workforce, see SCMagazine.com.
• And finally … the threat of the month is Java exploits. These include, “Remote code execution vulnerabilities affecting Java prior to version 7 Update 25, which allow a complete sandbox bypass via browsers and allow attackers to take access of the affected system.” According to SC Magazine, you should be concerned about these exploits, as they are “beginning to surface in frameworks like Metasploit, which equips attackers with fully working exploits.” SC Magazine recommends that users show caution when visiting untrusted websites, especially if their systems are not fully patched. For more information on Java exploits, along with tips on how to protect yourself, see SC Magazine.

What is your take on today’s news? Feel free to share your opinions below.