Kaspersky Lab today announced a stealthy threat actor known as StrongPity, a technically capable Advanced Persistent Threat (APT) interested in encrypted data and communications, according to a paper presented at Virus Bulletin by Kaspersky Lab principal security researcher, Kurt Baumgartner.
Woburn, MA – September 13, 2016 –Kaspersky Lab today released new research which reveals that on average, a single cybersecurity incident now costs large businesses a total of $861,000. Meanwhile, small and medium businesses (SMBs) pay an average of $86,500. To assess the state of the security landscape in the U.S. and across the world, Kaspersky Lab looked at the attitudes toward security, the cost of data breaches and the losses incurred from incidents.
These findings are from a new Kaspersky Lab report, “Measuring the Financial Impact of IT Security on Businesses,” based on the 2016 Corporate IT Security Risks survey . According to the survey results, nearly half (49 percent) of U.S. businesses, and over half globally (52 percent), assume that their IT security will be compromised at some point. Although businesses may not want to admit it, the research uncovers that many companies have already experienced security threats.
Over the past 12 months, more than a third (34 percent) of U.S. businesses have been affected by viruses and malware causing a loss of productivity and 32 percent have experienced inappropriate IT resource use by employees. When asked about the number of breaches that they have experienced over the past 12 months, 77 percent of U.S. businesses admitted that they have suffered between one and five separate incidents of data loss, leakage or exposure (compared to 82 percent globally).
Although the most frequent cost of a cyberattack is due to the need for additional staff wages, businesses reported significant spending due to lost business opportunities and improvement in IT security. Some major findings from the survey include:
- 27 percent of companies in the U.S. admitted that they have experienced the physical loss of devices or media containing data.
- A third (30 percent) of respondents claim the physical loss of mobile devices has exposed the organization to risk.
- 14 percent of U.S. businesses have lost access to critical business information for a week (compared to 10 percent of businesses globally), with 13 percent being prevented from trading completely for more than one week.
- For one in ten (10 percent) U.S. businesses it can take up to a year to discover that a breach has occurred.
This lack of awareness and preparation is alarming for what nearly half of U.S. businesses see as an inevitable consequence of the complex technology landscape. Currently 73 percent of companies surveyed in the U.S. say that they are spending less than 20 percent of their IT budget on security. As more and more businesses begin to fear the financial, operational and reputational losses as the result of a cyberattack, more emphasis is being placed on IT security plans to protect the platforms and infrastructures they depend on. This change of perception has seemingly affected three quarters of the respondents in the U.S. (75 percent) who expect to increase their IT security spending over the next three years.
“The survey proves that reaction time post-breach has a direct impact on financial losses,” said Vladimir Zapolyansky, Head of SMB Marketing, Kaspersky Lab. “This is something that cannot be remedied via budget increases. It requires talent, intelligence and an agile attitude towards protecting one’s business. As a security vendor, our goal is to provide tools and intelligence for businesses of all sizes, keeping in mind the difference in ability to allocate security budgets.”
The full report titled, “Measuring the Financial Impact of IT Security on Businesses,” is available at Kaspersky Lab’s website here.
About Kaspersky Lab
Kaspersky Lab is a global cybersecurity company founded in 1997. Kaspersky Lab’s deep threat intelligence and security expertise is constantly transforming into security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky Lab technologies and we help 270,000 corporate clients protect what matters most to them.
Learn more at www.kaspersky.com.
For the latest in-depth information on security threat issues and trends, please visit: Securelist | Information about Viruses, Hackers and Spam
Follow @Securelist on Twitter
Threatpost | The First Stop for Security News
Follow @Threatpost on Twitter
1Corporate IT Security Risks is the annual survey conducted by Kaspersky Lab in cooperation with B2B International. In 2016 we have asked more than 4000 representatives of small, medium and large businesses from 25 countries on their views on IT Security and real incidents they had to deal with.
Articles related to Press Releases
Fulfilling its mission to share cybersecurity knowledge, Kaspersky Lab launched today the Industrial Control Systems Computer Emergency Response Team (also known as Kaspersky Lab ICS-CERT) – a global CERT entity that welcomes collaboration with critical infrastructure operators, vendors and government institutions.
Just three months after the successful launch of the No More Ransom project, law enforcement agencies from a further 13 countries have signed up to fight ransomware together with the private sector.