Radware recently concluded its Annual Executive Survey ─ “2019 C-Suite Perspectives: From Defense to Offense, Executives Turn Information Security Into a Competitive Advantage” ─ in which over 260 CIOs, CTOs and VPs across the Americas, Europe, Middle East, Africa, and the Asia-Pacific region participated. A large majority of our respondents work at enterprises with annual revenues over 1 Billion USD/EUR/GBP. The survey was designed to learn about their perceptions around cybersecurity, as well as their awareness of the menace of automated attacks. The responses we received indicate growing awareness about emerging security threats, especially those posed by malicious bots. Let’s look at some of the highlights from Radware’s survey.
When asked about the kinds of automated attacks their businesses encountered, 52% reported cases of account takeovers and unauthorized access, while 48% reported incidents of content scraping and 46% reported inventory issues (caused by shopping cart abandonment). 39% reported payment fraud caused by malicious bot attacks, and 19% had denial of service attacks.
An increasing concern of executives is that mobile apps were among the most attacked targets, with 27% of respondents stating that their apps were hit by bot attacks every day. Moreover, 15% of them reported that their apps were being attacked every week, and 19% were attacked every month.
FREQUENCY OF ATTACKS ON MOBILE APPLICATIONS
When asked about the impact of bot attacks on their websites, apps, and APIs, 56% said that high volumes of bot traffic forced them to invest in greater capacity across their web infrastructure, while 53% experienced lowered revenue due to shopping cart abandonment and held up inventory. Skewing of marketing analytics due to bot traffic was reported by 51% of respondents, and 36% of them said that bot attacks led to abuse of user accounts or payment information. Only 7% stated that they had not experienced any of these specific types of attacks, but had faced other types of automated attacks on their online properties.
According to our respondents, the four main business impacts of a security incident were loss of customers (45%), loss of brand reputation (44%), as well as loss of revenue and operational losses at 32% each. With the average cost of an attack estimated to be roughly $4.6M, it’s not surprising that over 70% of respondents stated that cybersecurity is a topic of discussion at every board meeting (with roughly half of their time being spent on information security). Another interesting fact our survey uncovered was that over 80% of the executives believe that they have the means to monitor and detect non-human traffic, but 32% of them could not estimate the volume of bot traffic.
Nearly 40% of companies rely on bots to help carry out business functions and share data, while nearly the same percentage stated that their marketing metrics were being distorted by bot traffic. Another finding from our survey was that one in five executives were unaware that bots could have human-like behavior.
Clearly, there is growing awareness of the impact and volumes of bot attacks. Senior management across industries are increasingly implementing measures to prevent automated attacks that dearly cost enterprises in terms of lost customers, revenue, and damage to their reputations. According to Anna Convery-Pelletier, Chief Marketing Officer at Radware, “This year’s C-Suite Perspectives report shines a spotlight on increased sophistication of management philosophy for information security and security strategy. While responsibility for cybersecurity continues to be spearheaded by the CIO and CISO, it is also being shared throughout the entire C-Suite. Security issues now influence brand reputation, brand trust and consumer trust, which forces organizations to make a fundamental shift in thinking about the role of security in customer experience, marketing and business operations.”
Click here to read the complete Radware C-Suite Perspectives report.