CLEARWATER, Fla. (Press Release – September 26, 2011) – New cybercrime statistics published by HP reveal that the cost of cyber attacks has risen more than 50%* since last year, and IT security expert Stu Sjouwerman cautions that number is likely to grow.
As the founder and CEO of Internet Security Awareness Training (ISAT) firm KnowBe4, Sjouwerman (pronounced “shower-man”) has made it his mission to learn the increasingly sophisticated tactics used by the latest generation of cybercriminals – and to educate small and medium enterprises (SMEs) on how to recognize and avoid them.
According to the Second Annual Cost of Cyber Crime Study, which was sponsored by ArcSight (an HP company) and conducted by the Ponemon Institute, survey respondents reported losses between $1.5 million and $36.5 million per year due to cyber attacks. Collectively, their median annualized cost was $5.9 million – a 56% increase over the $3.8 million figure reported in the July 2010 study.
Other key findings announced by HP: the frequency of cyber attacks has increased nearly 45%, and the time and cost to resolve them has risen. The study’s findings indicate that a single attack now takes an average of 18 days and $416,000 to correct.
As many executives and entrepreneurs have learned the hard way, today’s cybercriminals are stepping up their efforts with stealthy tactics and sophisticated technology. This latest study shows that cyber attacks and their related costs are rapidly growing, so business need to be proactive in combating cybercrime if they want to avoid financial loss,” cautioned Sjouwerman.
To educate SMEs on the evolution of cybercrime – and help them better understand what they’re up against today – KnowBe4 provides an overview of the “Five Generations of Cybercrime” on its website. “While the first generation of hackers were more interested in notoriety than financial gain, today’s cybercriminals – Generation Five – are more likely to be operating within organized crime syndicates and profiting handsomely from their schemes,” Sjouwerman explained. “Coding skills are no longer required. Tools and malware are readily available through a thriving underground market, so even a relative novice could quickly get in on the action.”
Among the alarming developments Sjouwerman and his KnowBe4 colleagues are seeing today are:
- Licensed malware complete with technical support
- Cybercrime social networks with escrow services
- “Pay-for-play” malware infection services
- Botnet rentals for cybercrime sprees
Sjouwerman believes that the reason so many companies are falling victim to cybercrime is because they’re not taking proactive measures to prevent it. He attributes the growth of the criminal enterprise to a false sense of security among executives at SMEs and a lack of training among their employees.
“Many people assume antivirus software and an IT team are sufficient protection against cyber attacks. But the fact is that cybercriminals can bypass corporate security measures simply by tricking one employee into clicking a link. With one click, malware can be instantly downloaded to a computer and quickly spread across an entire network. And in most cases, the employee is completely unaware he or she has just given cybercriminals open access to company systems.”
KnowBe4 provides an extensive collection of free cybercrime education resources so that executives can arm themselves and their staff against cyber attacks. The company also offers a free phishing security test to help business owners and managers determine what percentage of employees are Phish-prone™, or susceptible to phishing attacks. KnowBe4’s own research reveals that its Internet Security Awareness Training can quickly reduce the Phish-prone percentage to (or near) zero. Sjouwerman also offers a wealth of valuable information and advice in his book, Cyberheist: The Biggest Financial Threat Facing American Businesses Since the Meltdown of 2008.
For more information on KnowBe4’s Internet security training services and cybercrime prevention tips, visit http://www.knowbe4.com. To learn more about Cyberheist, or to order the paperback or e-book edition, visit http://www.cyberheist.com.
About Stu Sjouwerman and KnowBe4
Stu Sjouwerman is the founder and CEO of KnowBe4, LLC, which provides web-based Internet Security Awareness Training (ISAT) to small and medium enterprises. A data security expert with more than 30 years in the IT industry, Sjouwerman was the co-founder of Sunbelt Software, an award-winning anti-malware software company that he and his partner sold to GFI Software in 2010. Realizing that the human element of security was being seriously neglected, Sjouwerman decided to help entrepreneurs tackle cybercrime tactics through advanced Internet security awareness training. He is the author of four books, including Cyberheist: The Biggest Financial Threat Facing American Businesses Since the Meltdown of 2008.
“HP Research Reveals 56 Percent Rise in Cost of Cybercrime”; published on HP.com, August 2, 2011.