The Economic Impact of API and Bot Attacks

Imperva believes that these alarming estimates underscore entirely preventable losses. By investing in comprehensive API security and bot management solutions from the beginning, companies could substantially reduce API-related and bot-related losses, especially as API adoption grows.

The analysis indicates that large firms may face a heightened risk of API-related incidents, perhaps because their extensive deployment and utilization of APIs increase their exposure to potential breaches. When comparing API-related security incidents to non-API-related incidents in the database, the Marsh McLennan Cyber Risk Intelligence Center identified a positive correlation between company revenue and the frequency of API-related incidents. For companies with over USD 100 billion in revenue, it is estimated that up to 18% of their cyber incidents were likely API-related.

Up to 14% of cyber incidents for this same category of companies were estimated to be bot-related.. API-related and bot-related incidents accounted for up to 25% of total cyber incidents for these organizations, emphasizing the need to protect APIs from sophisticated, automated threats.

This report combines data from Imperva’s latest threat research with insights from the Marsh McLennan Cyber Risk Intelligence Center to provide insights on the expanding