The Applied Research survey, commissioned by F5 Networks, found that attacks against Domain Name System (DNS) infrastructure and network-layer denial-of-service (DoS) attacks overall are the most difficult to defend against and are the most frequent and painful to an organization. About half said their current security is "somewhat effective," while 32 percent said it's "completely effective."
The biggest cost to organizations from a breach was lost productivity, which 50 percent reported, followed by loss of data (43 percent), lost revenue (31 percent), loss of customer trust (30 percent), regulatory fines (24 percent), and theft of money or goods (19 percent).
"The loss of data [cost] was higher than I would have expected," says Alan Murphy, senior technical marketing manager for F5.
Nearly half said they somewhat or extremely frequently see attacks that access unencrypted data, followed by 43 percent experiencing the same with DNS attacks, security misconfigurations, and cross-site scripting. Around 42 percent experience network-layer distributed denial-of-service attacks and cross-site request forgery attacks somewhat or extremely frequently.
Firewalls mostly or completely handled these and other attacks around 70 to 74 percent of the time. More than 40 percent say a firewall failed due to a network-layer DoS attack, and just more than 35 percent had the same problem with an application-layer DoS attack.
Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.