With cyberattacks posing an ever-growing challenge for individuals and corporations alike, north, south, east and west, no one is out of the woods. Ransomware and phishing attacks, as bread and butter as they sound, are still on top of CISO’s concerns, and the number of them is rising. The figures of data compromises skyrocketed from 1862 in 2021, to a staggering 2116 in the first three quarters of 2023.
Chances are that most cyberattacks will be water under the bridge for the Goliaths of the corporate world, but the Davids reel deeply from damage to IT assets. Other than large corporations, smaller businesses (100 to 5000 employees) face the uphill cost of over $5 million per year. The rundown of the cost that corporations forked over due to a cyberattack reached amounts as high as $5.74 million per year to respond to compromises, with ransom payments that average $1.38 million. Cyberattack sophistication is a concern for 62% of entrepreneurs, CEOs and CISOs alike.
Another worrisome fact would make the headlines of a sci-fi thriller, but it is here, upon us. Cybercriminals are way ahead in the AI race, they leverage AI to raise the bar of their cyberattacks. Malicious actors do avail of generative AI to double down on the quality and quantity of their attacks and their victims are ill-prepared. 48% of respondents think generative AI will cut back on the time it takes for a proficient hacker to reap benefits from a vulnerability within a single environment. 50% of interviewees think generative AI will indeed skyrocket the number of attacks a cybercriminals can launch per day. The grim picture is painted by the fact that only 39% think their security infrastructure is suited to a T to protect against GenAI-powered security attacks.
Barracuda and Ponemon Institute‘s Cybernomics Report aims at exposing the pitfalls to blame for most cybersecurity issues and those who profit from exposing vulnerabilities, but it also aims at enabling everyone to stand on the shoulders of “high performers”, or those who implemented strong measures which can be followed so that everyone can do the same.
It showcases the security challenges organizations worldwide face and the financial consequences that ensue after security compromises like ransomware and phishing attacks as well as to find the answer businesses need to defend themselves in a context where malicious actors only need one shot to get it right. On the one hand, it takes a measly of 6 hours for a proficient hacker to exploit the victim‘s vulnerability. On the other hand, it takes an IT team 427 hours to investigate, clean, fix and document a successful phishing attack.
An alarming certainty that stands conspicuously on the stats as the third most common cyberattack trigger is the failure to safely compute sensitive data by employees or contractors, thus exposing it to malicious actors. This further stresses the need for suitable cyber training in order to clinch a fully-fledged cybersecurity approach.
Investment in cyber literacy saves data, and skimps millions in resilience expenditure, proving to be a safe and swift ROI. The future is upon us, and so is generative AI, which, as a double-edged sword, poses a significant threat when it comes to the number of attacks and the sophistication of these. Therefore, the AI technology deployed by cybercriminals must be matched by Red Team members.
Click here to download the report.