Typical online data security incident costs a bank $1.8M

Register now

A cyber security incident involving a bank’s online banking services costs the organization $1,754,000 on average, according to new research from security technology company Kaspersky Lab.

The study shows that 61 percent of cyber security incidents affecting online banking come with additional costs for the institution targeted. These include data loss, the loss of brand/company reputation, confidential information becoming leaked, and more.

Distributed denial-of-service (DDoS) attacks against financial institutions are often designed to cripple banking Web sites. The report shows that when organizations are attacked by DDoS, customer-facing resources suffer more in banking than in any other sector.

For example, 49 percent of banks that have suffered a DDoS attack have had their public Web site affected (compared with 41 percent of non-financial institutions), and 48 percent have had their online banking services affected when they’ve been targeted by DDoS.

Banks typically worry about attacks against their online banking services more than about many other threats, the report said. However, DDoS attacks only rank in third place, behind concerns about malware and targeted attacks.

“In the banking sector reputation is everything, and security goes hand-in-hand with this,” said Kirill Ilganaev, head of Kaspersky DDoS protection, Kaspersky Lab. “If a bank’s online services come under attack, it is very difficult for customers to trust that bank with their money, so it’s easy to see why an attack could be so crippling.”

If banks are to protect themselves effectively from online banking cyber security incidents, they first need to become more prepared for the dangers DDoS attacks pose to their online banking services, Ilganaev said.

For reprint and licensing requests for this article, click here.