The Cost of Chasing Malware Ghosts

by Matt Klassen on January 29, 2015

Recent cyber-security attacks on the likes of Target, Home Depot, JP Morgan Chase, and, most recently, Sony Pictures have shown us all just how damaging malware can be to a company’s reputation and bottom line. Intrusive hacks can cost businesses millions of dollars in damage, not to mention the cost of stolen high-value and confidential information.

But what’s even more interesting is not just how much companies spend on trying to secure their networks, but how much is spent on chasing ghosts. A recent report from the Ponemon Institute on the cost of containing malware found that businesses spend, on average, US$1.27 million annually pursuing and investigating erroneous cyber-threats, that is, suspected malware that turns out to be nothing more than a dead end.

It’s truly no wonder that hackers are able to bypass even the best cyber-security measures employed by companies: between chasing false leads and a distinct lack of manpower, only a small fraction of actual malware threats are investigated, leaving data exposed and businesses at risk. But even in such an environment, perhaps the most shocking revelation is that more than 40 percent of the businesses polled aren’t even using automated security tools to help fight against malware to begin with. Is there any hope for enterprise against the persistent threat of malware?

The study, titled “The Cost of Malware Containment”, sponsored by Damballa, revealed some telling data about enterprise security and malware identification and containment practices:

  • On average, an organization can receive nearly 17,000 malware alerts in a typical week.
  • The time needed to respond to each of these alerts is a significant drain on an organization’s finances and often stretches IT security personnel thin.
  • As mentioned, the average cost of chasing erroneous threats due to inaccurate or misleading intelligence is $1.27 million/year.
  • Only approximately 4% of alerts are actually investigated due to the volume of false positives, alert unreliability, and manpower shortages.
  • About 40% of infections go undetected.

Further, the study also found that companies spend about 198.8 employee hours a week looking into infections and approximately 229.9 hours weekly “cleaning or fixing infected devices,” leaving precious little time to respond to serious threats or to even attempt to maintain network security.

If the study has shown one thing, however, it’s that in a fight against an overwhelming volume of malware the enterprise sector is already severely handicapped. Security is certainly made more difficult by unsatisfactory detection tools that far too often create false leads and deliver erroneous information to IT personnel. But to make matters worse, the study also found that a substantial number of respondents, over 40 percent, had not even deployed automated security tools; despite their inefficiencies, such tools are still able to help manage a significant portion of the constant deluge of cyber-security information.

In the end, regardless of how difficult it can be to use today’s malware detection tools, despite how much companies still spend on chasing false leads, it’s shocking to me that so many businesses still take such a nonchalant approach to network security, as even if the tools are unsatisfactory in many respects it’s all we have, and having some security against the barrage of malware is infinitely better than having none.
