Akamai, the intelligent edge platform for securing and delivering digital experiences, and Ponemon Institute, today revealed the findings from an APAC-wide study that identifies and understands the changes in the cost and consequences of web application and DoS attacks. Businesses surveyed in the study estimated that the total average cost of web application attacks in APAC over the past 12 months was $2.4 million per company, while the total average cost of DoS attacks was $1.1 million.
The study, titled 'Trends in the Cost of Web Application and Denial of Service Attacks: Asia Pacific', conducted by Ponemon Institute and sponsored by Akamai Technologies, surveyed 501 IT practitioners across operations, security, compliance and data centre administration from industries such as Financial Services, Manufacturing, Public Sector, Transportation, Hospitality and many more. The study found that companies spent an estimated $903,830 and $294,627 on web application attacks and DoS attacks respectively.
According to the study, revenue losses stemming from customer-facing services being unavailable averaged $435,222 over the past year. The study also revealed that companies experienced an average of approximately four DoS attacks, over the same period of time. Following an attack, the average amount of downtime was 7.45 hours, and the time taken to mitigate just one DoS attack was more than one hour (60.32 minutes).
Key findings from the study include:
Web Application Attacks
The importance of safeguarding web applications
Web application security is considered critical for organizations: Web application attacks are a constant threat for companies. 43 percent of respondents said that web application security is more critical than other security issues faced by their organizations.
Effectiveness of Web Application Firewalls (WAF)
A WAF should support both security and performance: While performance is an attribute often overlooked for security solutions, a majority of respondents placed a high value on performance for a WAF solution. 69 percent of respondents said that a fully functional WAF is one that optimizes both performance and security.
The cost of web application attacks
Companies face growing revenue losses from web application attacks because potential customers are not only unable to purchase goods and services, but also tie- up support staff complaining about this and seeking help: 37 percent of respondents said that the largest cost related to web application attacks is technical support.
Denial of Service Attacks
The growing threat of DoS attacks
A lack of qualified security personnel is more of a barrier than a lack of resources: 54 percent of respondents believe that the most critical barrier to preventing DoS threats is the lack of qualified security personnel. 43 percent said that is because of inadequate or insufficient technologies, while 37 percent of respondents believe not having sufficient budget resources is a barrier.
The financial consequences of a DoS attack
Revenue losses and the need to allocate resources to technical support are the most significant financial consequences of DoS attacks: 30 percent of respondents said that the largest cost is the loss of revenue because customer facing services were unavailable.
The sampling frame for the 'Trends in the Cost of Web Application and Denial of Service Attacks: Asia Pacific' study composed of 14,655 IT and IT security practitioners located in the APAC region. A total of 551 respondents completed the survey out of which 50 surveys were removed by screening. The final sample consisted of 501 surveys.
Akamai secures and delivers digital experiences for the world’s largest companies. Akamai’s intelligent edge platform surrounds everything, from the enterprise to the cloud, so customers and their businesses can be fast, smart, and secure. Top brands globally rely on Akamai to help them realize competitive advantage through agile solutions that extend the power of their multi-cloud architectures. Akamai keeps decisions, apps and experiences closer to users than anyone — and attacks and threats far away. Akamai’s portfolio of edge security, web and mobile performance, enterprise access and video delivery solutions is supported by unmatched customer service, analytics and 24/7/365 monitoring. To learn why the world’s top brands trust Akamai, visit www.akamai.com, blogs.akamai.com, or @Akamai on Twitter.