A brand new report has laid naked the numerous monetary and reputational prices stemming from severe cyber-attacks, together with what are sometimes unplanned bills.
Netwrix’s 2024 Hybrid Safety Tendencies Report relies on a worldwide survey of 1309 IT and safety professionals.
It discovered that 79% of responding organizations detected a severe cyber-attack within the earlier 12 months, versus 68% a 12 months in the past. Of these:
- A fifth (20%) misplaced aggressive benefit as a result of these assaults (up from 13% in 2023)
- 16% skilled a lower in firm valuation (up from 3%)
- 13% had been hit with lawsuits (up from 3%)
- 14% skilled buyer churn (up from 10%)
- 13% skilled a change in senior management (up from 8%)
In complete, practically half (45%) of these surveyed claimed to have incurred unplanned bills after being attacked. The share that suffered no monetary influence dropped from 47% final 12 months to 38% in 2024.
That partly explains why an growing quantity are looking for out cyber-insurance. Round two-thirds (62%) of respondents stated they presently have a coverage or are planning to buy one inside the subsequent 12 months. A fifth (19%) of these already insured used their coverage final 12 months.
Read more on security breaches: US on Track For Record Number of Data Breaches
Dirk Schrader, VP of safety analysis at Netwrix, defined that many insurers are actually demanding that organizations have identification and entry administration and privileged entry administration instruments and processes in place.
“Contemplating the excessive probabilities of a payout request, it’s no surprise the necessities for acquiring a coverage have grow to be stricter,” he added. “These options considerably complicate the privilege escalation for the attacker and their lateral motion. Consequently, the safety workforce has extra time to identify suspicious exercise and reply to the assault earlier than any severe harm happens.”
Maybe unsurprisingly, the report additionally revealed phishing to be the primary assault vector throughout on-premises and cloud techniques, with three-quarters (74%) of respondents citing it.
Cloud account compromise has additionally spiked over latest years, from simply 16% of respondents in 2020 to 55% this 12 months. These account takeovers typically stem from phishing assaults, though they might additionally come from brute power assaults or breached credentials that are bought on the darkish net.
