A new report by cyber security and application delivery solutions provider Radware reveals that DDoS attacks on applications cost companies an eye-watering average of US$6,130 per minute when systems go down. The study, carried out with Osterman Research, also reveals a significant increase in the frequency of bot, application, API and DDoS attacks over the last year. Nearly half of organisations (46%) reported daily or weekly web application attacks, and almost a third (31%) face DDoS attacks on a weekly basis.
The research highlights the escalated threats to web applications and increasing concerns over hybrid cloud infrastructures and API usage. In tandem, many organisations are struggling with inadequate levels of security preparedness. Application attacks have become the most frequently occurring type of attack, jumping from 4% in 2022 to 23% in 2023.
Despite the integral role that internally developed and third-party APIs play in modern business strategies, these technologies are a cause of further concern for many. More than 87% of organisations report increasing dependence on APIs, while almost 74% admit a lack of confidence that their internally developed APIs are protected against security threats leading to unauthorised data access, exposure of application logic, and data breaches. Alarmingly, 64% of respondents wouldn't be surprised by an imminent breach via third-party APIs or code.
Haim Zelikovsky, vice president of cloud security services at Radware, said: "Companies continue to admit to looming security challenges and struggle with a lack of readiness when it comes to protecting their applications and infrastructure. Threats against applications are increasing in frequency and severity. These are made worse by marked concern over multi-cloud security, the weak protection of internally developed and third-party APIs, and insufficient defences against application DDoS attacks."
The study also pointed to an increasing concern over public cloud security, and the inability of many organisations to achieve consistent security policies. Other significant issues were protection coverage between platforms and unified visibility. Despite widespread migration to the cloud, around 73% of businesses still use on-premises environments, and expect their usage to increase over the next 12 months.
The research involved personnel from various security roles in 10 countries across the Americas, APAC, EMEA, and LATAM regions. Senior DevOps and DevSecOps administrators, application and cloud security architects, senior network security administrators, and vice presidents of research and development all contributed. The study underscores the critical importance of preparing for and countering modern cyber threats in a multi-cloud world.