50% of respondents believe AI will enable hackers to launch more attacks, Barracuda’s Cybernomics 101 report revealed.
Barracuda Networks, Inc., a provider of cloud-first security solutions, published its Cybernomics 101 report, which examines the financial forces and profit motives behind cyberattacks. The new report reveals the average annual cost of responding to compromises exceeded US$5 million. The report also raises the alarm over hackers exploring how they can use generative AI (GenAI) technology to increase their attacks’ volume, sophistication, and effectiveness. 50% of respondents believe AI will enable hackers to launch more attacks. The survey also identified that 71% of respondents had experienced a ransomware attack over the last year, and 61% paid the ransom.
Fleming Shi, CTO, Barracuda, said, “While the Cybernomics 101 research underscores the harsh reality of suffering a data breach, it also underscores that organisations are not powerless. Proactive monitoring and attack detection to prevent progression to more severe stages like data exfiltration or ransomware is key. By preparing for these scenarios today, organisations can significantly reduce the impact and cost of these incidents.”
Barracuda commissioned independent research firm Ponemon Institute to poll 1,917 IT security practitioners who manage their organisation’s IT security functions or activities. They represent companies with 100 to 5,000 employees across various industries around the globe.
The report offers insight from survey respondents who identified as ethical hackers on the most widely used attack vectors, which might offer the greatest return for attackers. The research identifies the behaviours and proven security measures implemented by ‘High Performers’ that can serve as models for success. The report presents best practices that will help any organisation become more effective in identifying, containing, and recovering from attacks.
They include adopting a platform approach to security rather than relying on a collection of disparate individual security tools or solutions, implementing privileged access rights to ensure that sensitive data remains accessible only to authorised individuals, and creating (and regularly rehearsing) a security incident response plan.
