Average Cost Of A Cyber Attack Increases By 80%

Uploaded on 2022-10-11 in FREE TO VIEW, BUSINESS-Services-Financial

In seven out of eight countries, cyber attacks are now seen as the biggest risk to business, more than  COVID-19, economic turmoil, skills shortages, and other issues. Indeed, cyber threats are viewed as the dominant risk with the median cost of a cyber attack on a US-based business costing $18,000, up from $10,000 the previous year. 

The leading specialist insurance company Hiscox commissioned Forrester Consulting to survey more than 5,000 security professionals in the US, UK, Belgium, France, Germany, the Netherlands, Spain and Ireland for its Cyber Readiness Report 2022. 

Cyberattacks were the biggest concern of the 900 firms surveyed in the U.S. at 46%, outpacing the pandemic (43%) or skills shortage (38%).

Almost half of businesses in the U.S. (47%) suffered a cyberattack in the last 12 months, an increase of 7% from the previous year, while the most common entry point for all surveyed countries was a corporate server in the cloud (41%), followed closely by business email (40%).

While the cyber criminals have long targeted high-value companies, it is clear they are now moving down the food chain. International agencies have recently warned that more mid- and small-sized businesses are being targeted and this is borne out in this year’s report by Hiscox.

Despite leading the other seven countries in cyber maturity, scoring 3.05 compared with an average of 2.94, 84% of companies based in the U.S. that experienced a ransomware attack paid to recover data. The number of U.S. firms with standalone cyber insurance remained steady at 34%. “Despite 61% of survey respondents now being back in the office, businesses are still experiencing a hangover from the pandemic,” said Alannah Paul, cyber product head for Hiscox in the U.S.

“Remote working provided a year-long Christmas for cyber criminals, and we can see the results of their cyber-feast in the increased frequency and cost of attacks. As we move into a new era of hybrid working, we all have an increased responsibility to continue learning, and managing our own cybersecurity.” according to Paul.

The annual Hiscox Cyber Readiness Report, which gauges businesses’ preparedness to combat cyber incidents and breaches, surveyed over 5,000 professionals responsible for their company’s cyber security.
This includes firms from the US, UK, Belgium, France, Germany, the Netherlands, Spain and Ireland. 

Key findings specific to the more than 900 US professionals surveyed include:

 

  • Cyber attacks are a bigger worry for US businesses than the ‘great reshuffle’: US businesses are more concerned about cyber attacks (46%), than the pandemic (43%), or skills shortages (38%).
  • The number of attacks is rising: the survey results indicate that in the past year, there has been a 7% increase in cyber attacks on US businesses. To date, roughly half of all US businesses (47%) have suffered an attack in the past 12 months.
  • Each attack is costing businesses more: The median cost of an attack as of 2022 is $18,000, up from $10,000 last year. The US has also borne a generally higher cost from cyberattacks, with 40% of those suffering attacks incurring costs of $25,000 or more. The most common point of entry was a corporate server in the cloud.
  • The pandemic has prompted businesses to double their IT spend: Despite remote working nearly halving from 62% of the workforce in 2021, to 39% of the workforce by 2022, total IT spending has risen from $11.5m in 2021, to $24.2m in 2022.
  • The US is a global leader in cyber maturity, but is also most likely to pay a ransom: The US had the highest cyber maturity score of 3.05 compared to the average of 2.94. Nonetheless, US companies were the most likely to pay a ransom to recover data, with 84% of companies that experienced a ransomware attack paying up.
  • More businesses are considering purchasing a standalone cyber insurance policy: The number of US businesses that have a standalone cyber insurance policy remained stable at 34%, in comparison to the number of businesses without a policy or any plan to purchase one, which dropped from 18% in 2021 to 12% in 2022.

The survey was conducted between Nov. 30, 2021, and Jan. 21, 2022. The median cost of a cyberattack for all surveyed countries was just under $17,000, an increase of 30% from the year before.

Hiscox:      Hiscox:      Dark Reading:    Varonis:     SC Magazine

You Might Also Read: 

The Most Expensive Data Breaches:

 

« October Is Cyber Security Awareness Month
Developing Nations Face The Biggest Cyber Security Challenges »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

CloudInsure

CloudInsure

CloudInsure is a Cloud Insurance platform designed to specifically address emerging liabilities within the Cloud environment.

Applause

Applause

Applause provides real-world software testing for functionality, usability, accessibility, load, localization and security.

Advanced Resource Managers (ARM)

Advanced Resource Managers (ARM)

ARM provide specialist recruitment services for technology and engineering including cyber security.

OASIS Open

OASIS Open

OASIS Open is where individuals, organizations, and governments come together to solve some of the world’s biggest technical challenges through the development of open code and open standards.

DeviceAssure

DeviceAssure

DeviceAssure enables organizations to reliably identify counterfeit and non-standard devices with a real-time check on a device's authenticity.

Dellfer

Dellfer

Dellfer secures connected cars and other IOT devices through Intrinsic protection, enabling the most sophisticated cybersecurity attacks to be seen instantly and remediated with precision.

IAR Systems

IAR Systems

IAR Systems are a frontrunner in a changing industry, and a future-proof software supplier enabling the IoT.

Gula Tech Adventures

Gula Tech Adventures

Gula Tech Adventures invests in companies and nonprofits that help close the gap in needed technology and workforce to defend the country in cyberspace.

Cympire

Cympire

Cympire significantly increases an organisation’s Cyber Resilience through continuous Training and Assessment. Cyber Security Training Platform. Cloud-based and fully customizable Cyber Range.

Datrix

Datrix

Datrix is a leading Smart Infrastructure and Cyber Security solutions provider. We deliver critical networking, communications and cyber security solutions to public and private sector organisations.

Boxphish

Boxphish

Boxphish provides a proven solution to reduce Human Error and Cyber Human Risk via automated learning journeys and intelligent phishing simulations.

NetScout Systems

NetScout Systems

NetScout assures digital business services against disruptions in availability, performance, and security.

xdr.global

xdr.global

Xdr.global is a cybersecurity consulting firm, focused on promoting and aligning Extended Detection and Response (XDR) security solutions.

DIGISOC

DIGISOC

DIGISOC, a leader in Latin America in Cybersecurity solutions, combines machine learning with human intelligence to be effective in detecting cyber threats.

SENTRIQS

SENTRIQS

SENTRIQS advanced encryption technology is engineered to defend against the most sophisticated cyber threats, keeping your operations efficient and secure.

Sirar by STC

Sirar by STC

Sirar is an advanced technology and cybersecurity company established by STC, the MENA region’s ICT and digital services provider.