The Average Cost of Fighting a Cyberattack Now Exceeds $1.1M
February 21, 2019

Shira Sagiv
Radware

Without question, cyberattacks represent a viable threat to a business' bottom line. A new report from Radware shows that security professionals estimate the average cost of a cyberattack in excess of $1.1M. For those organizations that calculate (versus estimate) the cost of an attack, that number increases to $1.67M.

The resulting business impacts? Just as alarming. 54% of Radware survey respondents report operational and productivity loss, and 43% report a negative customer experience following an effective cyberattack. What's more, almost half (45%) reported that the goal of the attacks they suffered was service disruption while another third (35%) claimed the goal was data theft.


Devastation Can Be Moments Away

Each of these impacts — singularly or in combination with one another — create a wedge between a brand and its customers. It can take years to build strong brand equity and only moments to destroy it. We see evidence of this time and again with major brands, such as Marriott, Equifax, Maersk, and more. The bottom line: Threat actors must only be successful once, but organizations must be successful in their attack mitigation 100% of the time.

It's no wonder IT professionals constantly feel pressure to increase their security posture. Yet, despite these mounting costs and business impacts, three in four have no formalized procedure to assess the business impact of a cyberattack against their organization. This becomes particularly troubling when you consider that most organizations have experienced some type of attack within the course of a year (only 7% of respondents claim not to have experienced an attack at all), with 21% reporting daily attacks, a significant rise from 13% last year.

78% of respondents hit by a cyberattack experienced service degradation or a complete outage

Not only are attacks becoming more frequent, they are also more effective: 78% of respondents hit by a cyberattack experienced service degradation or a complete outage, compared to 68% last year. Even with these numbers, 34% of respondents do not have a cybersecurity emergency response plan in place. For small-to-medium sized businesses, the outcome can be particularly severe, as these organizations typically lack sufficient protection measures and know-how.

Other key findings of the report include:

■ 43% of respondents reported negative customer experiences and reputation loss following a successful attack.

■ Data leakage and information loss remain the biggest concern to more than one-third (35%) of businesses, followed by service outages.

■ Hackers increased their usage of emerging attack vectors to bring down networks and data centers: Respondents reporting HTTPS Floods grew from 28% to 34%, reports of DNS grew from 33% to 38%, reports of burst attacks grew from 42% to 49%, and reports of bot attacks grew from 69% to 76%.

■ Application-layer attacks cause considerable damage. Two-thirds of respondents experienced application-layer DoS attacks and 34% foresee application vulnerabilities being a major concern in the coming year. More than half (56%) reported making changes and updates to their public-facing applications monthly, while the rest made updates more frequently, driving the need for automated security.

■ 86% percent of surveyed businesses indicated they explored machine-learning (ML) and artificial intelligence (AI) solutions. Almost half (48%) point at quicker response times and better security as primary drivers to explore ML-based solutions.

Understanding the impacts of a cyberattack — from productivity loss to taking a major financial hit — is essential to protecting brand affinity and remaining competitive in today's digitally driven business landscape. Once aware, security professionals and executives alike can — and must — begin to implement the necessary security solutions to safeguard their organizations, both on the balance sheet and with customers.

Shira Sagiv is Head of Product Marketing for Radware
Share this

Industry News

January 14, 2021

Oracle is making its popular APEX low-code development platform available as a managed cloud service that developers can use to build data-driven enterprise applications quickly and easily.

January 14, 2021

Parasoft announced its C/C++test update to support IAR Systems' build tools for Linux for Arm.

January 14, 2021

Harness raised $115 million in financing, reaching a valuation of $1.7 billion in just three years after launching from stealth.

January 13, 2021

Slim.ai launched with its cloud-based DevOps automation platform built specifically for software developers.

January 13, 2021

WhiteSource announced new WhiteSource Advise support for JetBrains' PyCharm and WebStorm integrated development environments (IDEs).

January 12, 2021

Red Hat has added new features to Red Hat Runtimes.

January 11, 2021

KubeSphere announced its expanded relationship with AWS to offer KubeSphere as an AWS Quick Start.

January 07, 2021

Red Hat announced its intent to acquire StackRox

January 07, 2021

Cigniti Technologies announced a partnership with Sonatype to help enterprise customers innovate faster and easily mitigate security risk inherent in open source.

January 07, 2021

Lacework announced a $525 million growth round with a valuation of over $1 billion.

January 06, 2021

BMC announced several new capabilities and enhancements for the BMC Automated Mainframe Intelligence (AMI) and Compuware portfolios that enable BMC mainframe customers to protect uptime and availability, defend the mainframe against cybersecurity threats, and advance enterprise DevOps.

January 06, 2021

Sysdig has achieved Service Organization Control (SOC) 2 Type II compliance for the Sysdig Secure DevOps Platform.

January 05, 2021

Allegro AI announced a rebranding of its key product Allegro Trains as ClearML.

January 05, 2021

Acryl unveiled a pilot service for Jonathan, an integrated AI platform that can be used in a variety of industries with a spectrum of users from non-experts to professional developers.

January 05, 2021

Weaveworks announced a $36.65 million Series C funding round.