Average Cost of Cyberattack Now Exceeds $1 Million

A new report by Radware shows that the average cost of a cyberattack now exceeds $1 million. (editor’s note: and that’s before fines!)

The 2018-2019 Global Application and Network Security Report noted that for those organizations that calculate (versus estimate) the cost of an attack, that number increases to $1.67M. The top impact of cyberattacks, as reported by respondents, is operational/productivity loss (54%), followed by negative customer experience (43%). What’s more, almost half (45%) reported that the goal of the attacks they suffered was service disruption. Another third (35%) said the goal was data theft.

“While threat actors only have to be successful once, organizations must be successful in their attack mitigation 100% of the time,” said Anna Convery-Pelletier, Chief Marketing Officer for Radware. “A cyberattack resulting in service disruption or a breach can have devastating business impacts. In either case, you are left with an erosion of trust between a brand and its constituency.”
While the cost of attack mitigation continues to rise, so does the number of organizations under attack. Most organizations have experienced some type of attack within the course of a year, with only 7% of respondents claiming not to have experienced an attack at all.

Twenty one percent reported daily attacks, representing a significant rise from 13% last year. Not only are attacks becoming more frequent, they are also more effective: 78% of respondents hit by a cyberattack experienced service degradation or a complete outage, compared to 68% last year. Even with these numbers, 34% of respondents do not have a cybersecurity emergency response plan in place.

Other findings of the report include: