Average Cost of Cyberattack Exceeds $1 Million: Report
The average cost of a cyberattack today exceeds $1 million, as per a recent survey report.
Security firm Radware, which provides cybersecurity and application delivery solutions, has released its 2018-2019 Global Application and Network Security Report, which brings to light this and other relevant findings.
The Radware Global Application and Network Security Report, which is now in its eighth year, is compiled by Radware’s ERT (Emergency Report Team) and is based on data collected from 790 IT executives representing various industries from around the globe as well as on third-party service provider commentary plus Radware’s hands-on experience handling threats. The report also details the impact of cyberattacks; the top impacts are operational/productivity loss, negative customer experience, service disruption and data theft.
A Radware press release on the report reads- “Radware® (NASDAQ: RDWR), a leading provider of cybersecurity and application delivery solutions, today announced it has released its 2018-2019 Global Application and Network Security Report, in which survey respondents estimate the average cost of a cyberattack at $1.1M.”
It further says, “For those organizations that calculate (versus estimate) the cost of an attack, that number increases to $1.67M. The top impact of cyberattacks, as reported by respondents, is operational/productivity loss (54%), followed by negative customer experience (43%). What’s more, almost half (45%) reported that the goal of the attacks they suffered was service disruption. Another third (35%) said the goal was data theft.”
The Radware report points out that if on the one hand, the cost of mitigating cyberattacks is on the rise, on the other hand, the number of organizations that are attacked too is increasing. Most organizations covered in the survey admitted to having experienced some kind of an attack in the course of the last one year. Only a small minority (7 percent) claimed not to have experienced any kind of attack.
21 percent of organizations reported daily attacks; the figure for the last year was 13 percent. The report also found that attacks are becoming more frequent as well as more effective these days. 78 percent of the survey respondents reportedly experienced, as a result of a cyberattack, service degradation or a complete outage; last year it was 68 percent.
However, despite the growing incidences of cyberattacks and the escalating costs involved, 34 percent of respondents reportedly don’t have a cybersecurity emergency response plan in place.
The Radware Global Application and Network Security Report studies major attack trends in 2018 and also includes predictions as well as Radware ERT’s recommendations regarding mitigating threats in 2019.
The Radware press release, explaining the trends of 2018 as revealed in the report, says, “Hackers increased their usage of emerging attack vectors to bring down networks and data centers: Respondents reporting HTTPS Floods grew from 28% to 34%, reports of DNS grew from 33% to 38%, reports of burst attacks grew from 42% to 49%, and reports of bot attacks grew from 69% to 76%.”
It’s also revealed that application-layer attacks have been causing considerable damage to organizations. “Two-thirds of respondents experienced application-layer DoS attacks and 34% foresee application vulnerabilities being a major concern in the coming year. More than half (56%) reported making changes and updates to their public-facing applications monthly, while the rest made updates more frequently, driving the need for automated security,” reads the Radware press release.
86% percent of the businesses included in the survey explored ML (Machine Learning) and AI (Artificial Intelligence) solutions. 48 percent of respondents believe that quicker response times and better security are primary drivers to explore ML-based solutions.
The government sector was the most attacked industry in 2018, followed by the healthcare industry. The healthcare industry (labs, medical insurance firms, pharma etc) are emerging as top favorites for hackers, especially because the value of medical records has increased in the darknet. However, 82 percent of healthcare firms have an emergency response plan in place, which is a very positive thing.
Coming to the types of attacks, there was a significant increase in malware or bot attacks while socially engineered threats and DDoS attacks also showed an increasing trend. Ransomware attacks seem to have gone down, while cryptomining is on the rise.
As per the Radware report, cybercriminals would continue to refine ransomware attacks and there would be attempts to hijack IoT using the virus.
The report also points out that security planning would have to be infused into product/service offerings, development plans and new business initiatives and cannot be delegated solely to the IT department.