Average Cost Of A Cyber Attack Increases By 80%

Uploaded on 2022-10-11 in FREE TO VIEW, BUSINESS-Services-Financial

In seven out of eight countries, cyber attacks are now seen as the biggest risk to business, more than  COVID-19, economic turmoil, skills shortages, and other issues. Indeed, cyber threats are viewed as the dominant risk with the median cost of a cyber attack on a US-based business costing $18,000, up from $10,000 the previous year. 

The leading specialist insurance company Hiscox commissioned Forrester Consulting to survey more than 5,000 security professionals in the US, UK, Belgium, France, Germany, the Netherlands, Spain and Ireland for its Cyber Readiness Report 2022. 

Cyberattacks were the biggest concern of the 900 firms surveyed in the U.S. at 46%, outpacing the pandemic (43%) or skills shortage (38%).

Almost half of businesses in the U.S. (47%) suffered a cyberattack in the last 12 months, an increase of 7% from the previous year, while the most common entry point for all surveyed countries was a corporate server in the cloud (41%), followed closely by business email (40%).

While the cyber criminals have long targeted high-value companies, it is clear they are now moving down the food chain. International agencies have recently warned that more mid- and small-sized businesses are being targeted and this is borne out in this year’s report by Hiscox.

Despite leading the other seven countries in cyber maturity, scoring 3.05 compared with an average of 2.94, 84% of companies based in the U.S. that experienced a ransomware attack paid to recover data. The number of U.S. firms with standalone cyber insurance remained steady at 34%. “Despite 61% of survey respondents now being back in the office, businesses are still experiencing a hangover from the pandemic,” said Alannah Paul, cyber product head for Hiscox in the U.S.

“Remote working provided a year-long Christmas for cyber criminals, and we can see the results of their cyber-feast in the increased frequency and cost of attacks. As we move into a new era of hybrid working, we all have an increased responsibility to continue learning, and managing our own cybersecurity.” according to Paul.

The annual Hiscox Cyber Readiness Report, which gauges businesses’ preparedness to combat cyber incidents and breaches, surveyed over 5,000 professionals responsible for their company’s cyber security.
This includes firms from the US, UK, Belgium, France, Germany, the Netherlands, Spain and Ireland. 

Key findings specific to the more than 900 US professionals surveyed include:

 

  • Cyber attacks are a bigger worry for US businesses than the ‘great reshuffle’: US businesses are more concerned about cyber attacks (46%), than the pandemic (43%), or skills shortages (38%).
  • The number of attacks is rising: the survey results indicate that in the past year, there has been a 7% increase in cyber attacks on US businesses. To date, roughly half of all US businesses (47%) have suffered an attack in the past 12 months.
  • Each attack is costing businesses more: The median cost of an attack as of 2022 is $18,000, up from $10,000 last year. The US has also borne a generally higher cost from cyberattacks, with 40% of those suffering attacks incurring costs of $25,000 or more. The most common point of entry was a corporate server in the cloud.
  • The pandemic has prompted businesses to double their IT spend: Despite remote working nearly halving from 62% of the workforce in 2021, to 39% of the workforce by 2022, total IT spending has risen from $11.5m in 2021, to $24.2m in 2022.
  • The US is a global leader in cyber maturity, but is also most likely to pay a ransom: The US had the highest cyber maturity score of 3.05 compared to the average of 2.94. Nonetheless, US companies were the most likely to pay a ransom to recover data, with 84% of companies that experienced a ransomware attack paying up.
  • More businesses are considering purchasing a standalone cyber insurance policy: The number of US businesses that have a standalone cyber insurance policy remained stable at 34%, in comparison to the number of businesses without a policy or any plan to purchase one, which dropped from 18% in 2021 to 12% in 2022.

The survey was conducted between Nov. 30, 2021, and Jan. 21, 2022. The median cost of a cyberattack for all surveyed countries was just under $17,000, an increase of 30% from the year before.

Hiscox:      Hiscox:      Dark Reading:    Varonis:     SC Magazine

You Might Also Read: 

The Most Expensive Data Breaches:

 

« October Is Cyber Security Awareness Month
Developing Nations Face The Biggest Cyber Security Challenges »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

CloudInsure

CloudInsure

CloudInsure is a Cloud Insurance platform designed to specifically address emerging liabilities within the Cloud environment.

a1qa

a1qa

a1qa specializes in the delivery of full-cycle software QA and application testing services.

International Association for Cryptologic Research (IACR)

International Association for Cryptologic Research (IACR)

(IACR is a non-profit scientific organization whose purpose is to further research in cryptology and related fields.

Ezenta

Ezenta

Ezenta is a Danish IT security consulting firm.

Paygilant

Paygilant

Paygilant’s disruptive technology is designed to protect mobile payment  financial transactions against fraudulent attacks, whether executed by NFC, QR code, P2P or in-app.

MaskTech

MaskTech

MaskTech supplies highest security embedded chipsets, operating systems and related middleware for electronic identification cards, travel documents and authentication solutions.

Cyber Intelligence (CI)

Cyber Intelligence (CI)

Cyber Intelligence is an award winning 'MSC status' cyber security education and training company.

INFRA Security & Vulnerability Scanner

INFRA Security & Vulnerability Scanner

INFRA is a powerful platform with an easy interface for any kind of Ethical Hacking, from corporate monitoring and VAPT (vulnerability assessments and penetration testing) to military intelligence.

LeadingIT

LeadingIT

Leading IT provides IT support, cloud computing, email support, cybersecurity, networking and firewall services to Chicagoland businesses.

Cheops Technology

Cheops Technology

Cheops is a specialist in IT Business Technology Services. We help SMEs and large companies build, optimize and manage their IT so they can focus on their core business.

Ascent Solutions

Ascent Solutions

Ascent is built to help firms evolve their cybersecurity posture, modernize their Microsoft solutions, and accelerate their journey to the cloud.

Doherty Associates

Doherty Associates

Drawing on our deep industry knowledge and business insight, Doherty deliver intelligent IT solutions and services that help people work more securely, more productively and more creatively.

CyAmast

CyAmast

CyAmast is an IoT Network security and analytics company that is changing the way enterprise and governments detect and protect networks from the pervasive threat of cyber attacks.

C/side (cside)

C/side (cside)

At c/side, we're creating the ultimate delivery, performance and detection mechanism for browser-side fetched 3rd party Javascript.

Strobes Security

Strobes Security

Strobes is among the world’s first cybersecurity platforms specifically designed for end-to-end continuous threat exposure management.

Liverton Security

Liverton Security

Liverton Security is a New Zealand-owned cyber security provider offering consultancy and security-related products to government and commercial customers throughout New Zealand.