OPENSPACE 22: Rosetta: Making Space History | Page 27

The report revealed that Finance, ICT, and Energy
sectors have the highest incident costs, while the most
common cyber-attack types for these industries are
DoS/DDos and malicious insiders
T
he report outlining the cost of incidents affecting CIIs could contribute to a more efficient calculation of losses
reviewed existing studies assessing the economic caused by cyber-incidents.
impact of incidents on CIIs and set the parameters The status of cybercrime worldwide
for future work in this area. The study pointed to a “lack of The study also establishes an early impression on the current
a unified and standardized approach” in the production of status of cybercrime worldwide based on the various studies
cybercrime reports, suggesting that such reports “are driven that have been published by different organizations in the
by business factors.” field. In this respect, the report revealed that Finance, ICT,
According to ENISA, future studies should be done through and Energy sectors have the highest incident costs, while
a “unified analysis, based on a well-structured methodology, the most common cyber-attack types for these industries
and considering all critical variables that define the EU cyber- appear to be DoS/DDoS and malicious insiders. The most
space […] [in order to reflect] the real situation.” expensive attacks are considered to be insider threats,
“Determining realistic cost values is key to outlining the followed by DDoS and web-based attacks.
economic impact of cyber incidents on the EU’s economy. In terms of loss per country, the values provided by the
ENISA can play a significant role in the future on developing report reach up to 1.6% of GDP in some EU countries. The
work that takes into account all critical variables that define average cost per company per year varied between €2.3
the EU cyber-space, given that all the necessary resources Million and €15 Million in 2015, depending on the study,
have been allocated,” said professor Udo Helmbrecht, while one study estimated the economic loss to the global
ENISA’s Executive Director. economy to be from €330 to €506 Billion.
The study comes shortly after the European Commission
approved the NIS Directive. The new European cybersecurity
legislation obliges companies to report cyber-attacks, which
Read more
http://www.rheagroup.com/cost-cyber-attacks-critical-information-
infrastructures/
October - December 2016 27