Trying to assign a value to the return on investment in IT security technologies and services has always been a major challenge. No one can really assign a value to all the potential threats that were blocked. The only real definitive measure is the cost of the cybersecurity attacks that managed to get by whatever IT security defenses were in place at the time. No one likes to see any organization fall victim to a cybercrime. But some sense of the financial costs associated with cybersecurity attacks does go a long way to helping IT security professionals justify the level of investment being made.
Guidance Software, a provider of IT forensics tools, has published the results of a survey of 330 IT professionals in North America that finds 25 percent of organizations suffered significant or minor direct financial losses due to an attack or breach in the past 12 months. Only six percent of companies claimed significant financial losses, up from two percent in 2016. But another 19 percent of companies claimed minor financial losses in 2017; up from 11 percent in 2016. However, when viewed through the lens of companies that were impacted by breaches specifically targeted at them, 20 percent of those organization bore costs of over $1 million. The report also finds that 19 percent of respondents experienced intellectual property theft or a breach of information confidentially in 2017; up from 13 percent in 2016. Obviously, the loss of intellectual property can be nothing short of incalculable.
Mike Vizard has covered IT for more than 25 years, and has edited or contributed to a number of tech publications including InfoWorld, eWeek, CRN, Baseline, ComputerWorld, TMCNet and Digital Review. He currently blogs for IT Business Edge and contributes to CIOinsight, The Channel Insider, Programmableweb and Slashdot. Mike also blogs about emerging cloud technology for SmarterMSP.