Respondents in one international survey that cited success in cyber resilience were implementing best practices…
In a commissioned survey of 1,917 IT personnel involved in the management of their organizations’ IT security functions or activities in the United States (522), the United Kingdom (372), France (329), Germany (425), and Australia (269) in September 2023, in firms with a headcount between 100 and 5,000, some observations were reported.
First, the data showed that the annual cost of responding to cybercrime can be as much as US$5.34m for ransomware or phishing attacks, including the fiscal damage to IT assets/incidents/theft, and operational disruptions arising from attacks.
Secondly, generative AI (GenAI) was cited as an increased concern for its role in increasing the volume, sophistication and effectiveness of cyberattacks by half of the respondents. Meanwhile, 39% cited their confidence in protecting their security infrastructure against GenAI-powered security attacks.
Thirdly, in terms of ransomware incidents, 71% of respondents cited having experienced an attack in the past year, and 61% cited their organization’s payment of ransom demands, where US$1.38m was the average amount paid for such attacks.
Finally, a subset of respondents cited success in mitigating risks, vulnerabilities, and attacks during the survey period. They cited tactics such as adopting a platform approach to security rather than relying on a collection of disparate individual security tools or solutions; implementing privileged access rights, and regular drills dictated by a well-implemented security incident response plan.
According to Mark Lukie, Director of Solution Architects (APAC), Barracuda, which commissioned the survey: “Cyber resilience needs to be a priority, particularly as technology continues to advance and we start to see hackers being able to harness the power of GenAI to improve the efficiency and effectiveness of their attacks. Unfortunately, it’s a vicious cycle. Once cybercriminals find a recipe that works, they will continue to use it: so, taking note of the best practices … could help to give businesses a head start in reducing the impact of attacks.”
