The FBI pegs the cost of cyberattacks at $67.2 billion a year. Through some extrapolation from survey results, the FBI calculated that 2.8 million U.S. organizations were hit with at least one computer security problem, costing $24,000 per incident. Looks like it's going to be another good year for companies in the security business. Here's more on the report from ZDNet and the actual report. Below are the key findings from the report:
• There are a variety of computer security technologies that organizations are increasingly investing in to combat the relentless, evolving, sophisticated threats, both internal and external. Despite these efforts, well over 5,000 computer security incidents were reported with 87% of respondents experiencing some type of incident.
• In many of the responding organizations, a common theme of frustration existed with the nonstop barrage of viruses, Trojans, worms, and spyware.
• Although the usage of antivirus, antispyware, firewalls, and antispam software is almost universal among the survey respondents, many computer security threats came from within the organizations.
• Of the intrusion attempts that appeared to have come from outside the organizations, the most common countries of origin appeared to be United States, China, Nigeria, Korea, Germany, Russia, and Romania.
• An overwhelming 91% of organizations that reported computer security incidents to law enforcement were satisfied with the response of law enforcement.
• Almost 90% of respondents were not familiar with the InfraGard organization that is a joint effort by the FBI and industry to educate and share information related to threats to U.S. infrastructure.
• The survey respondents were very interested in being better informed on how to prevent computer crimes. Over 75% of respondents voiced a desire to attend an informational session hosted by their local FBI office.
Security technologies used by organization survey (2005 FBI Computer Crime Survey)