Barracuda Report: Annual Recovery Costs from Cybercrime Could Reach USD $5 Million
The annual cost of responding to cybercrime for businesses can be as much as US$5 million, according to a new report from Barracuda Networks, a trusted partner and leading provider of cloud-first security solutions.
Taking in nearly 2000 responses from IT security practitioners who manage their organisation’s IT security functions or activities in five countries across APAC, the U.S. and EMEA, Barracuda’s Cybernomics 101 report examines the financial forces and profit motives behind cyberattacks.
.png)
According to the study, enterprises with 100 to 5,000 employees can face an average annual cost of US$5.34 million to recover from cyber compromises like successful ransomware or phishing attacks. This expense includes addressing damage to IT assets, incidents of theft, and operational disruptions arising from attacks.
The report also delves into the security challenges faced by organisations and raises the alarm over hackers exploring the use of generative AI (GenAI) technology to increase the volume, sophistication, and effectiveness of their attacks. According to the report, half of the security professionals interviewed (50%) believe AI will enable hackers to launch more attacks, and only 39 per cent believe their security infrastructure is adequately equipped to protect against GenAI-powered security attacks.
When it came to ransomware, the study found that a majority of respondents (71%) had experienced a ransomware attack in the last year, and 61 per cent admitted to paying the ransom. According to respondents, the highest amount paid for a ransomware attack, on average, is US$1.38 million.
Fortunately, the report also provides some positive takeaways, identifying ‘High Performers’, a subset of respondents that model behaviours and proven security measures for successfully mitigating risks, vulnerabilities, and attacks. These include tactics like adopting a platform approach to security rather than relying on a collection of disparate individual security tools or solutions; implementing privileged access rights to ensure that sensitive data remains accessible only to authorised individuals, and creating (and regularly rehearsing) a security incident response plan.
.png)
“While the Cybernomics 101 research underscores the harsh reality of suffering a data breach, it also underscores that organisations are not powerless,” said Fleming Shi, CTO, Barracuda. “Proactive monitoring and attack detection to prevent progression to more severe stages like data exfiltration or ransomware is key. By preparing for these scenarios today, organisations can significantly reduce the impact and cost of these incidents.”
Mark Lukie, Director of Solution Architects, Barracuda APAC, said: “The report underlines the significant impact cyberattacks can have on organisations, an impact that many may struggle to recover from. Cyber-resilence needs to be a priority, particularly as technology continues to advance and we start to see hackers being able to harness the power of GenAI to improve the efficiency and effectiveness of their attacks. Unfortunately, it’s a vicious cycle. Once cybercriminals find a recipe that works, they will continue to use it – so taking note of the best practices highlighted in this report, as they could help to give businesses a head start in reducing the impact of attacks.”
