Average Cost Of A Cyber Attack Increases By 80%

Uploaded on 2022-10-11 in FREE TO VIEW, BUSINESS-Services-Financial

In seven out of eight countries, cyber attacks are now seen as the biggest risk to business, more than  COVID-19, economic turmoil, skills shortages, and other issues. Indeed, cyber threats are viewed as the dominant risk with the median cost of a cyber attack on a US-based business costing $18,000, up from $10,000 the previous year. 

The leading specialist insurance company Hiscox commissioned Forrester Consulting to survey more than 5,000 security professionals in the US, UK, Belgium, France, Germany, the Netherlands, Spain and Ireland for its Cyber Readiness Report 2022. 

Cyberattacks were the biggest concern of the 900 firms surveyed in the U.S. at 46%, outpacing the pandemic (43%) or skills shortage (38%).

Almost half of businesses in the U.S. (47%) suffered a cyberattack in the last 12 months, an increase of 7% from the previous year, while the most common entry point for all surveyed countries was a corporate server in the cloud (41%), followed closely by business email (40%).

While the cyber criminals have long targeted high-value companies, it is clear they are now moving down the food chain. International agencies have recently warned that more mid- and small-sized businesses are being targeted and this is borne out in this year’s report by Hiscox.

Despite leading the other seven countries in cyber maturity, scoring 3.05 compared with an average of 2.94, 84% of companies based in the U.S. that experienced a ransomware attack paid to recover data. The number of U.S. firms with standalone cyber insurance remained steady at 34%. “Despite 61% of survey respondents now being back in the office, businesses are still experiencing a hangover from the pandemic,” said Alannah Paul, cyber product head for Hiscox in the U.S.

“Remote working provided a year-long Christmas for cyber criminals, and we can see the results of their cyber-feast in the increased frequency and cost of attacks. As we move into a new era of hybrid working, we all have an increased responsibility to continue learning, and managing our own cybersecurity.” according to Paul.

The annual Hiscox Cyber Readiness Report, which gauges businesses’ preparedness to combat cyber incidents and breaches, surveyed over 5,000 professionals responsible for their company’s cyber security.
This includes firms from the US, UK, Belgium, France, Germany, the Netherlands, Spain and Ireland. 

Key findings specific to the more than 900 US professionals surveyed include:

 

  • Cyber attacks are a bigger worry for US businesses than the ‘great reshuffle’: US businesses are more concerned about cyber attacks (46%), than the pandemic (43%), or skills shortages (38%).
  • The number of attacks is rising: the survey results indicate that in the past year, there has been a 7% increase in cyber attacks on US businesses. To date, roughly half of all US businesses (47%) have suffered an attack in the past 12 months.
  • Each attack is costing businesses more: The median cost of an attack as of 2022 is $18,000, up from $10,000 last year. The US has also borne a generally higher cost from cyberattacks, with 40% of those suffering attacks incurring costs of $25,000 or more. The most common point of entry was a corporate server in the cloud.
  • The pandemic has prompted businesses to double their IT spend: Despite remote working nearly halving from 62% of the workforce in 2021, to 39% of the workforce by 2022, total IT spending has risen from $11.5m in 2021, to $24.2m in 2022.
  • The US is a global leader in cyber maturity, but is also most likely to pay a ransom: The US had the highest cyber maturity score of 3.05 compared to the average of 2.94. Nonetheless, US companies were the most likely to pay a ransom to recover data, with 84% of companies that experienced a ransomware attack paying up.
  • More businesses are considering purchasing a standalone cyber insurance policy: The number of US businesses that have a standalone cyber insurance policy remained stable at 34%, in comparison to the number of businesses without a policy or any plan to purchase one, which dropped from 18% in 2021 to 12% in 2022.

The survey was conducted between Nov. 30, 2021, and Jan. 21, 2022. The median cost of a cyberattack for all surveyed countries was just under $17,000, an increase of 30% from the year before.

Hiscox:      Hiscox:      Dark Reading:    Varonis:     SC Magazine

You Might Also Read: 

The Most Expensive Data Breaches:

 

« October Is Cyber Security Awareness Month
Developing Nations Face The Biggest Cyber Security Challenges »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

SentryBay

SentryBay

SentryBay is the global leader in preventative endpoint isolation protection. We protect remote, BYOD and corporate endpoints so they can safely and securely connect with your corporate network.

FFRI Security

FFRI Security

FFRI is committed to research and development of preventing the most advanced cyber-attacks and breaches.

Ponemon Institute

Ponemon Institute

Ponemon Institute conducts independent research on data protection and emerging information technologies.

Zuratrust

Zuratrust

Zuratrust provide protection for all kinds of email related cyber attacks.

DreamIt Ventures

DreamIt Ventures

DreamIt Ventures is an early stage venture fund that accelerates startups building transformative tech products in the fields of Healthtech, Securetech, and Urbantech.

TechForing

TechForing

TechForing Ltd. works for business organization's cyber security and cyber crime incident managements. We help business to secure their business online.

Secure Technology Integration Group (STIGroup)

Secure Technology Integration Group (STIGroup)

Secure Technology Integration Group, Ltd. (STIGroup) is an innovative firm that provides CyberSecurity consulting, secure IT engineering, managed security services, and human capital solutions.

Iterasec

Iterasec

Iterasec provides a full range of security services to hacker-proof your products and make software engineering process secure by design.

StateRAMP

StateRAMP

StateRAMP reduces risk from unsecure cloud solutions and protects data by providing State and local governments a standardized approach for verifying and monitoring security postures.

Nisos

Nisos

Nisos provides unrivaled protection of your reputation and assets through the practice of Active Defense.

Shield Capital

Shield Capital

Shield Capital helps founders build frontier solutions in cybersecurity, artificial intelligence, space & autonomy for commercial and government enterprises.

Raman Power Technologies

Raman Power Technologies

Raman Power Technologies focus on bringing value and solving business challenges through the delivery of modern IT services and solutions including cybersecurity.

Flexxon

Flexxon

Flexxon is the industry leader to develop NAND flash storage devices. Our key focus is to innovate memory devices ensuring data security and reliability.

Trustaira

Trustaira

Trustaira is the first deep tech solution and service company in Bangladesh.

LEPHISH

LEPHISH

LePhish is a French cybersecurity solution specializing in automated phishing campaigns.

Neeve

Neeve

Neeve is an edge cloud platform transforming smart buildings and spaces, making them more secure, smarter, and more sustainable.