Businesses surveyed in the study estimated that the total average cost of web application attacks in APAC over the past 12 months was USD 2.4 million per company, while the total average cost of DoS attacks was USD 1.1 million
Akamai, the intelligent edge platform for securing and delivering digital experiences, and Ponemon Institute, revealed the findings from an APAC-wide study that identifies and understands the changes in the cost and consequences of web application and DoS attacks. Businesses surveyed in the study estimated that the total average cost of web application attacks in APAC over the past 12 months was USD 2.4 million per company, while the total average cost of DoS attacks was USD 1.1 million.
The study, titled Trends in the Cost of Web Application and Denial of Service Attacks: Asia Pacific, conducted by Ponemon Institute and sponsored by Akamai Technologies, surveyed 501 IT practitioners across operations, security, compliance and data centre administration from industries, such as Financial Services, Manufacturing, Public Sector, Transportation, Hospitality and many more. The study found that companies spent an estimated USD 903,830 and USD 294,627 on web application attacks and DoS attacks respectively.
According to the study, revenue losses stemming from customer-facing services being unavailable averaged USD 435,222 over the past year. The study also revealed that companies experienced an average of approximately four DoS attacks, over the same period of time. Following an attack, the average amount of downtime was 7.45 hours, and the time taken to mitigate just one DoS attack was more than one hour (60.32 minutes).
Key findings from the study include:
Web Application Attacks
- The importance of safeguarding web applications
- Web application security is considered critical for organizations: Web application attacks are a constant threat for companies. 43% of respondents said that web application security is more critical than other security issues faced by their organizations.
- Effectiveness of Web Application Firewalls (WAF)
- A WAF should support both security and performance: While performance is an attribute often overlooked for security solutions, a majority of respondents placed a high value on performance for a WAF solution. 69% of respondents said that a fully functional WAF is one that optimizes both performance and security.
- The cost of web application attacks
- Companies face growing revenue losses from web application attacks because potential customers are not only unable to purchase goods and services, but also tie-up support staff complaining about this and seeking help: 37% of respondents said that the largest cost related to web application attacks is technical support.
Denial of Service Attacks
- The growing threat of DoS attacks
- A lack of qualified security personnel is more of a barrier than a lack of resources: 54% of respondents believe that the most critical barrier to preventing DoS threats is the lack of qualified security personnel. 43% said that is because of inadequate or insufficient technologies, while 37% of respondents believe not having sufficient budget resources is a barrier.
- The financial consequences of a DoS attack
- Revenue losses and the need to allocate resources to technical support are the most significant financial consequences of DoS attacks: 30% of respondents said that the largest cost is the loss of revenue because customer facing services were unavailable.