The cost of a cyber attack for victims has jumped dramatically over the past year, research from HP and the Ponemon Institute indicates.
The average annualized amount incurred in Japan was pegged at $6.81 million and in Australia at $3.47 million, according to the latest yearly study from the organizations.
The study — which covered companies in the United States, United Kingdom, Japan, Germany, Australia, Brazil and the Russian Federation — found that the cost incurred by a benchmark sample of Australian and Japanese firms had increased by 13% and 14% respectively since last year.
The cost was highest in the US at $15 million per company, and lowest in the Russian Federation at $2.4 million.
Matthew Shriner, a director at HP, said that as organizations strive to embrace new technologies while protecting their expanded environments, there is a need to shift security strategies from traditional network control and perimeter management to an advanced focus on protecting interactions among users, applications and data.
The 2015 Cost of Cyber Crime Study show that organizations are now committing 19% of their security budget allocation to the application layer, up from 16% last year.
The study also found that cyber crime costs vary by organizational size (as measured by enterprise seats) and annualized cost. Based on enterprise seats, results showed that small organizations incurred a significantly higher per capita cost than larger organizations.
Further, the average time to resolve a cyber attack was 31 days in Australia and 26 days in Japan. This represents an increase of eight days in Australia and one day in Japan over the last year.
Results also showed that malicious insider attacks can take an average of 50 days to contain in Australia and 37 days in Japan.
In both Japan and Australia, the most costly cyber crimes continued to be caused by denial of service and malicious insiders.
HP said that organizations investing in and using security intelligence technologies and governance practices to address the crimes that proved most costly were more efficient in detecting and containing cyber attacks, thereby reducing costs otherwise incurred.
Deploying a security information and event management (SIEM) solution led to an average cost savings was $1.9 million per year, compared to companies not deploying similar security solutions.
Hiring certified or expert security personnel can save $1.5 million while the appointment of a high-level security leader can reduce costs by $1.3 million.