The Average Cost of Fighting a Cyberattack Now Exceeds $1.1M
February 21, 2019

Shira Sagiv
Radware

Without question, cyberattacks represent a viable threat to a business' bottom line. A new report from Radware shows that security professionals estimate the average cost of a cyberattack in excess of $1.1M. For those organizations that calculate (versus estimate) the cost of an attack, that number increases to $1.67M.

The resulting business impacts? Just as alarming. 54% of Radware survey respondents report operational and productivity loss, and 43% report a negative customer experience following an effective cyberattack. What's more, almost half (45%) reported that the goal of the attacks they suffered was service disruption while another third (35%) claimed the goal was data theft.


Devastation Can Be Moments Away

Each of these impacts — singularly or in combination with one another — create a wedge between a brand and its customers. It can take years to build strong brand equity and only moments to destroy it. We see evidence of this time and again with major brands, such as Marriott, Equifax, Maersk, and more. The bottom line: Threat actors must only be successful once, but organizations must be successful in their attack mitigation 100% of the time.

It's no wonder IT professionals constantly feel pressure to increase their security posture. Yet, despite these mounting costs and business impacts, three in four have no formalized procedure to assess the business impact of a cyberattack against their organization. This becomes particularly troubling when you consider that most organizations have experienced some type of attack within the course of a year (only 7% of respondents claim not to have experienced an attack at all), with 21% reporting daily attacks, a significant rise from 13% last year.

78% of respondents hit by a cyberattack experienced service degradation or a complete outage

Not only are attacks becoming more frequent, they are also more effective: 78% of respondents hit by a cyberattack experienced service degradation or a complete outage, compared to 68% last year. Even with these numbers, 34% of respondents do not have a cybersecurity emergency response plan in place. For small-to-medium sized businesses, the outcome can be particularly severe, as these organizations typically lack sufficient protection measures and know-how.

Other key findings of the report include:

■ 43% of respondents reported negative customer experiences and reputation loss following a successful attack.

■ Data leakage and information loss remain the biggest concern to more than one-third (35%) of businesses, followed by service outages.

■ Hackers increased their usage of emerging attack vectors to bring down networks and data centers: Respondents reporting HTTPS Floods grew from 28% to 34%, reports of DNS grew from 33% to 38%, reports of burst attacks grew from 42% to 49%, and reports of bot attacks grew from 69% to 76%.

■ Application-layer attacks cause considerable damage. Two-thirds of respondents experienced application-layer DoS attacks and 34% foresee application vulnerabilities being a major concern in the coming year. More than half (56%) reported making changes and updates to their public-facing applications monthly, while the rest made updates more frequently, driving the need for automated security.

■ 86% percent of surveyed businesses indicated they explored machine-learning (ML) and artificial intelligence (AI) solutions. Almost half (48%) point at quicker response times and better security as primary drivers to explore ML-based solutions.

Understanding the impacts of a cyberattack — from productivity loss to taking a major financial hit — is essential to protecting brand affinity and remaining competitive in today's digitally driven business landscape. Once aware, security professionals and executives alike can — and must — begin to implement the necessary security solutions to safeguard their organizations, both on the balance sheet and with customers.

Shira Sagiv is Head of Product Marketing for Radware
Share this

Industry News

June 01, 2020

IT Revolution announced a full conference agenda for DevOps Enterprise Summit London, June 23-25, 2020.

June 01, 2020

Caltech CTME announced that Simplilearn, a global provider of digital skills training, will collaborate with CTME (Caltech's Center for Technology and Management Education) to offer a specialized Post Graduate Program in DevOps software engineering.

June 01, 2020

DevOps Institute, a global member-based association for advancing the human elements of DevOps, announced the introduction of its SKILup Playbook Library, a dynamic collective body of knowledge (cBok) that aligns thought leadership from industry experts with a set of dynamic, orchestrated artifacts, research and assets.

May 28, 2020

Docker has extended its strategic collaboration with Microsoft to simplify code to cloud application development for developers and development teams by more closely integrating with Azure Container Instances (ACI).

May 28, 2020

Eggplant announced updates to its Digital Automation Intelligence (DAI) platform.

May 28, 2020

Aptum launched its Managed DevOps Service in partnership with CloudOps, a cloud consulting and professional services company specializing in DevOps.

May 27, 2020

Red Hat announced an expansion of its application services portfolio with the addition of Quarkus as a fully supported framework in Red Hat Runtimes.

May 27, 2020

Couchbase has completed a $105 million all-equity Series G round of fundraising.

May 27, 2020

Aqua Security closed a Series D round of $30M led by Greenspring Associates.

May 26, 2020

GitLab is releasing 13.0 of its DevSecOps platform to enable organizations to efficiently adapt and respond to new and dynamic business challenges.

May 26, 2020

Solo.io announced the availability of the Istio Developer Portal to streamline the developer onboarding process for improved developer experience and increased productivity with added security features.

May 26, 2020

WhiteHat Security will offer free application scanning services to any education institution to support secure online learning.

May 21, 2020

Exadel announced the Grand Prize winner of the “Appery.io COVID-19 Virtual Hackathon.”

May 21, 2020

CloudBees announced significant advances for its Software Delivery Management (SDM) platform – integrations with additional continuous integration and continuous delivery (CI/CD) engines, including Google Cloud Build and Tekton, and extension of the availability of CloudBees’ SDM Preview Program.

May 21, 2020

OutSystems is announcing over 70 development accelerators that ensure web and mobile applications created on the OutSystems low-code development platform can comply with the highest accessibility standards and regulations.