A recent BrandShield survey of chief information security officers (CISOs) found that CISOs reported an average loss of $2.1M USD per cyberattack. Smaller companies (<1,000 employees) and larger companies (>1,000 employees) reported $1.8M and $2.5M in average damages, respectively, with 70% of companies losing $1M or more per attack. 

European companies suffered greater financial losses on average, with 81% of European companies losing more than $1M per cyberattack, compared to 64% of American companies for the same metric. Six percent of CISOs report having not experienced a digital risk related cyberattack since 2020, with brand impersonations (38%) and ransomware (37%) being the most heavily cited attacks, though it is that some among this group were not aware of attacks they have experienced. The top categories of digital risk cyberattacks since 2020 are as follows: 

  1. Brand impersonation – 38% 
  2. Ransomware – 37% 
  3. Executive impersonation – 35% 
  4. Network malware – 34% 
  5. Typosquatting – 29% 
  6. Phishing and scam sites – 27% 

Ninety-two percent of CISOs plan to increase their cybersecurity budgets to detect and mitigate threats in 2024, with leaders turning their attention towards external threats as a top security concern (23%), followed by network security (17%) and cloud security (17%). The study noted that of the three sectors examined, companies in the financial services sector are most likely to increase their budget (32%) followed by software development (31%) and retail & e-commerce (29%).

Amid the emergence of new AI tools and the growing sophistication of fraudsters, CISOs also reported seeing an increased risk from mobile devices with 20% indicating mobile apps were their greatest digital security risk, followed by cryptocurrency scams (18%) and social media impersonations (17%). Here’s a full breakdown of which external threats are of greatest concern to CISOs: 

  1. Mobile apps – 20% 
  2. Cryptocurrency scams – 18% 
  3. Social media impersonation – 17% 
  4. Phishing and scam sites – 15% 
  5. NFT scams – 10% 
  6. Paid ads – 10% 
  7. Metaverse scams – 10%