The Average Cost of Fighting a Cyberattack Now Exceeds $1.1M
February 21, 2019

Shira Sagiv
Radware

Without question, cyberattacks represent a viable threat to a business' bottom line. A new report from Radware shows that security professionals estimate the average cost of a cyberattack in excess of $1.1M. For those organizations that calculate (versus estimate) the cost of an attack, that number increases to $1.67M.

The resulting business impacts? Just as alarming. 54% of Radware survey respondents report operational and productivity loss, and 43% report a negative customer experience following an effective cyberattack. What's more, almost half (45%) reported that the goal of the attacks they suffered was service disruption while another third (35%) claimed the goal was data theft.


Devastation Can Be Moments Away

Each of these impacts — singularly or in combination with one another — create a wedge between a brand and its customers. It can take years to build strong brand equity and only moments to destroy it. We see evidence of this time and again with major brands, such as Marriott, Equifax, Maersk, and more. The bottom line: Threat actors must only be successful once, but organizations must be successful in their attack mitigation 100% of the time.

It's no wonder IT professionals constantly feel pressure to increase their security posture. Yet, despite these mounting costs and business impacts, three in four have no formalized procedure to assess the business impact of a cyberattack against their organization. This becomes particularly troubling when you consider that most organizations have experienced some type of attack within the course of a year (only 7% of respondents claim not to have experienced an attack at all), with 21% reporting daily attacks, a significant rise from 13% last year.

78% of respondents hit by a cyberattack experienced service degradation or a complete outage

Not only are attacks becoming more frequent, they are also more effective: 78% of respondents hit by a cyberattack experienced service degradation or a complete outage, compared to 68% last year. Even with these numbers, 34% of respondents do not have a cybersecurity emergency response plan in place. For small-to-medium sized businesses, the outcome can be particularly severe, as these organizations typically lack sufficient protection measures and know-how.

Other key findings of the report include:

■ 43% of respondents reported negative customer experiences and reputation loss following a successful attack.

■ Data leakage and information loss remain the biggest concern to more than one-third (35%) of businesses, followed by service outages.

■ Hackers increased their usage of emerging attack vectors to bring down networks and data centers: Respondents reporting HTTPS Floods grew from 28% to 34%, reports of DNS grew from 33% to 38%, reports of burst attacks grew from 42% to 49%, and reports of bot attacks grew from 69% to 76%.

■ Application-layer attacks cause considerable damage. Two-thirds of respondents experienced application-layer DoS attacks and 34% foresee application vulnerabilities being a major concern in the coming year. More than half (56%) reported making changes and updates to their public-facing applications monthly, while the rest made updates more frequently, driving the need for automated security.

■ 86% percent of surveyed businesses indicated they explored machine-learning (ML) and artificial intelligence (AI) solutions. Almost half (48%) point at quicker response times and better security as primary drivers to explore ML-based solutions.

Understanding the impacts of a cyberattack — from productivity loss to taking a major financial hit — is essential to protecting brand affinity and remaining competitive in today's digitally driven business landscape. Once aware, security professionals and executives alike can — and must — begin to implement the necessary security solutions to safeguard their organizations, both on the balance sheet and with customers.

Shira Sagiv is Head of Product Marketing for Radware
Share this

Industry News

December 19, 2024

Check Point® Software Technologies Ltd. has been recognized as a Leader in the 2024 Gartner® Magic Quadrant™ for Email Security Platforms (ESP).

December 19, 2024

Progress announced its partnership with the American Institute of CPAs (AICPA), the world’s largest member association representing the CPA profession.

December 18, 2024

Kurrent announced $12 million in funding, its rebrand from Event Store and the official launch of Kurrent Enterprise Edition, now commercially available.

December 18, 2024

Blitzy announced the launch of the Blitzy Platform, a category-defining agentic platform that accelerates software development for enterprises by autonomously batch building up to 80% of software applications.

December 17, 2024

Sonata Software launched IntellQA, a Harmoni.AI powered testing automation and acceleration platform designed to transform software delivery for global enterprises.

December 17, 2024

Sonar signed a definitive agreement to acquire Tidelift, a provider of software supply chain security solutions that help organizations manage the risk of open source software.

December 17, 2024

Kindo formally launched its channel partner program.

December 16, 2024

Red Hat announced the latest release of Red Hat Enterprise Linux AI (RHEL AI), Red Hat’s foundation model platform for more seamlessly developing, testing and running generative artificial intelligence (gen AI) models for enterprise applications.

December 16, 2024

Fastly announced the general availability of Fastly AI Accelerator.

December 12, 2024

Amazon Web Services (AWS) announced the launch and general availability of Amazon Q Developer plugins for Datadog and Wiz in the AWS Management Console.

December 12, 2024

vFunction released new capabilities that solve a major microservices headache for development teams – keeping documentation current as systems evolve – and make it simpler to manage and remediate tech debt.

December 11, 2024

CyberArk announced the launch of FuzzyAI, an open-source framework that helps organizations identify and address AI model vulnerabilities, like guardrail bypassing and harmful output generation, in cloud-hosted and in-house AI models.

December 11, 2024

Grid Dynamics announced the launch of its developer portal.

December 10, 2024

LTIMindtree announced a strategic partnership with GitHub.