Cybersecurity response costs up in light of new cloud risks

Businesses pay US$1,197 per employee each year to address the fallout of successful cyber attacks, according to a new report, which means a 500-employee company spends on average US$600,000 each year for cybersecurity responses.

Threat prevention company Perception Point’s report The Rise of Cyber Threats Against Email, Browsers and Emerging Cloud-Based Channels investigates the expanding threat landscape against email, browsers, and emerging cloud-based channels. 

Based on a survey conducted in conjunction with Osterman Research, the report surveyed senior security and IT stakeholders at large businesses and revealed several findings about the current threat landscape.

This includes the key takeaway that organisations pay US$1,197 per employee annually to address successful cyber incidents across email services, cloud collaboration apps or services, and web browsers. The report authors say this means that a 500-employee company spends on average US$600,000 each year. This figure excludes compliance fines, ransomware mitigation costs, and business losses from non-operational processes, say the report authors, all of which can cause costs to increase.

New cloud collaboration apps, cloud storage and productivity services have been rolled out rapidly since 2020 as organisations worldwide have embraced new work patterns, say the report authors, and threat actors have pivoted their attack toolkits to extend beyond email and the web browser to these new apps and services. 

Although many of these new tools have only been around for a few years, the report finds that malicious incidents against these new cloud-based apps and services already occur at 60 per cent of the frequency with which they occur on email-based services, with some attacks, like those involving malware installed on an endpoint, occurring on cloud collaboration apps at 87 per cent of the frequency with which they occur on email-based services.

Cyber security staff need days to address each incident

The report also highlights that a successful email-based cyber incident takes security staff an average of 86 hours to address. As a result, one security professional, with no support, can only handle 23 email incidents per year, representing a direct cost of US$6,452 per incident in time alone. 

Incidents that have been detected on cloud collaboration apps or services take on average 71 hours to resolve, meaning that one professional can handle 28 incidents per year at an average cost of US$5,305 per incident. Enterprises should be consolidating their security stack for more holistic and efficient threat protection, as well as leveraging managed services to support their security teams with scalable and flexible incident response capabilities, say the report authors.

"The Perception Point-Osterman report supports cybersecurity leaders' assessments of the expanding threat landscape trends and how they impact companies' bottom lines," says Yoram Salinger, CEO of Perception Point. "These findings demonstrate the urgent need for organisations to find the most accurate and efficient cybersecurity solutions which provide the necessary protection with streamlined processes and managed services, in particular with enterprises increasingly prioritising value for money in today's challenging economic environment. 

“Moreover, the rapid growth of non-email-based threats crucially underscores the need for security teams to keep up with emerging trends, especially as the modern work environment is in flux and the number of cloud-based collaboration tools that organisations rely on is only likely to expand."

Additional findings include:

• All organisations plan to deploy at least one new security tool to combat threats over the coming year, and 69 per cent plan to deploy three or more.

• 80 per cent of respondents believe that new channels, including cloud collaboration apps and web browsers, will be "important" or "extremely important" for employee productivity by 2024. This figure is an increase on the 68 per cent who consider these channels "important" or "extremely important" today, and 33 per cent who thought the same two years ago.

• Half of all organisations use six or more different communication and collaboration tools; some 19 per cent (almost one-fifth) use nine. Using such a wide range of tools increases the number of vectors which attackers can target.

• More than 70 per cent of respondents believe that the frequency of security threats will remain the same or increase over the next two years

• All types of attacks are getting more sophisticated, but this is especially the case for attacks against cloud collaboration apps and services. 72 per cent of respondents indicated that attacks against cloud storage services have grown more sophisticated over the past year, compared to 57 per cent who stated that attacks against email have grown more sophisticated. This trend is especially concerning given the rapid adoption rate of new cloud-based apps and services.

"With cloud collaboration apps and services now complementing email as a cornerstone of any enterprise's workflow, modern cybersecurity solutions must adapt to encompass the totality of channels and threat types," says Michael Sampson, Senior Analyst, Osterman Research. "Organisations cannot afford – financially or reputationally – to rely on outdated approaches. Our survey demonstrates the clear need for agile and holistic threat prevention solutions, and organisations which embrace these conclusions stand to set themselves apart from their competitors amidst today's fast-evolving circumstances."