Channel Asia is reporting on a study recently released by McAfee, claiming the average cost of a cyber attack to a Singapore-based business is approximately $1.25m per breach:
According to McAfee findings, the city-state houses the highest estimated costs stemming from a breach across Asia Pacific, ahead of markets such as Australia, Hong Kong, India, Indonesia, Malaysia, New Zealand and Thailand.
Findings from a survey of 480 cyber security decision-makers at a regional level paint a damning picture for Singapore with 80 per cent of respondents claiming that cyber security incidents pose “high” or “medium” impacts on business.
And:
Estimated costs from respondents in Singapore were more than double that of the next highest country in Asia Pacific, identified as Indonesia with financial implications at roughly S$785,000 per breach.
I would like to know how McAfee, and the various companies they interviewed, arrived at these numbers. Internal incident response is a bit of an art to accurately quantify. Leveraging external resources to assist with breach remediation is much easier to understand.
The likelihood of all of these Singapore-based companies only using outside assistance is small. There is a stronger chance of a more hybrid approach, where internal responders work in conjunction with external help of some sort.
In either case, I am curious to see how these numbers were derived.