Web Security Infographic - Aberdeen

Learn how Dyn helps customers improve their Internet performance with Managed DNS, Email Delivery, and Internet Intelligence products.

Issue link:

Contents of this Issue


Page 0 of 0

RISK OF WEB APPLICATION ATTACKS RISK OF MALICIOUS BOTS AGAINST YOUR WEB APPLICATIONS RISK OF DENIAL OF SERVICE ATTACKS AGAINST WEB APPLICATIONS LEARN MORE DESCRIBING YOUR WEB APPLICATION SECURITY RISKS The technical details are about the "what" and "how" — but the business decisions are about the "so what?" and "why it matters." To help senior leaders make better-informed business decisions about web application security risks, we need to talk in terms of how likely these exploits are to happen, and how much business impact they could have when they do, in fact, occur. Although the maximum size of the largest distributed denial-of- service (DDoS) attacks has increased over the last year, the general pattern is towards the use of attacks that are: For the private sector as a whole, assuming status quo capabilities to detect and defend against DDoS attacks based on traditional network firewalls and intrusion detection / prevention systems: To enable users to gain access to business-critical applications and data, across an increasingly complex computing infrastructure. Where detecting and responding to attacks on the availability and performance of your web application infrastructure can happen more quickly, helping to reduce the risk. WEB TRAFFIC COMPOSITION BUSINESS IMPACT SMALLER MORE FREQUENT SHORTER DURATION Taken together, these challenges help to explain the sharp growth in the use of service providers as the means to gain the strategic advantages of "buying" as opposed to "building" when implementing these important capabilities. In addition, it points to the value of a reliable, high-performance edge: Attacks on web applications continue to be the #1 source of confirmed data breaches. Malicious software designed to carry out or facilitate illegal fraudulent online activity. * Attacks on web applications are 5.4 times more effective than crimeware at achieving a successful data breach. This is the "long tail" of risk that is so important for the senior leadership team to understand, in order to make a fully-informed business decision. All research is © 2019 by Aberdeen. All rights reserved. Created by Aberdeen. Brought to you by Oracle. MEDIAN DOWNTIME 2 hours The median annual duration of website downtime or slowdown from DDoS attacks is about 2 hours — with a 10% likelihood to exceed 260 hours, or nearly 11 days of 24/7 operation. BAD BOTS 19% - 22% ALL BOTS 46% - 39% ANNUAL REVENUE 2.2% The median annual business impact of disruptions from DDoS attacks against enterprise websites represents about 2.2% of annual revenue. Not all bots are malicious. Good bots, such as those used for SEO, are essential for your business. HUMANS 54% - 61% ADDITIONAL COSTS INCURRED (e.g., overprovisioning of website infrastructure, wasted website marketing). DATA BREACHES Data breaches as a result of bad bots. LOSS OF REVENUE Loss of revenue because of bad bots (e.g., as a result of website downtime and slowdown, fraudulent transactions) . MEDIAN PER DATA BREACH ~10% LIKELY COST : $25M $800K For the private sector as a whole, the median total cost of a single data breach is about $800K — with a 10% likelihood to exceed a total cost of about $25M. #1 SOURCE OF DATA BREACH 5.4x MORE EFFECTIVE THAN CRIMEWARE* ANNUAL WEBSITE REVENUE MEDIAN : 6% 2% - 10% BUSINESS IMPACT BUSINESS IMPACT Expressed as a percentage of annual website revenue, the annualized business impact of bad bots across all industries is estimated to be between 2% and 10%, with a median of about 5.6%.

Articles in this issue

Links on this page

view archives of Infographics - Web Security Infographic - Aberdeen