"Phishing Costs Surge to $15m Annually for US Organizations"

The security vendor Proofpoint commissioned the Ponemon Institute to poll nearly 600 IT and IT security practitioners to compile its latest Cost of Phishing study.  The researchers found that the average cost of phishing for large US organizations has soared by 289% over the past six years, with firms now losing nearly $15m annually.  The survey revealed that the average large US organization loses $14.8m per year to phishing-related cybercrime, up from $3.8m in 2015 and calculated at $1500 per employee. The researchers claimed that ransomware costs large organizations $5.7m annually, while BEC accounts for $6m.  The FBI recorded total BEC losses of $1.8 billion from reported incidents in 2020.  According to Proofpoint researchers, the cost of resolving malware infections has doubled since 2015, from $338,098 to $807,506.  The researchers also found that the average cost to contain initial credential phishing compromises increased from $381,920 in 2015 to $692,531 in 2021, with companies typically experiencing over five of these incidents each year.

Infosecurity reports: "Phishing Costs Surge to $15m Annually for US Organizations"