July 27, 2023
3 min read

New Research Projects Nearly 1,000% Increase in API Cyberattacks by 2030

Data Study in Latest Kong eBook Finds that the Total Cost of Attacks to Reach $506 Billion in U.S. by the End of the Decade

SAN FRANCISCO, CA, July 27, 2023 — Kong Inc., an industry leader in cloud native API management, today published new research in conjunction with its latest eBook, "Leading Digital Transformation: Best Practices for Becoming a Secure API-First Company." The study, conducted in collaboration with Kong analysts and an outside economist, forecasts a dramatic 996% increase in API attacks by the end of this decade. This signifies a marked escalation in both the frequency and intensity of API-related cyber threats.

This new study also sheds light on the economic impact of API cyberattacks.

As of 2023, the average cost for a security breach stands at $6.1 million, a figure that includes not only the direct cost of remediation but also the substantial value lost due to damage to a company's reputation. The research predicts this average cost will increase to nearly $14.5 million by 2030, up by 95%.

The study also highlights the economic impact of API-related cyberattacks in the United States. The current national annual cost stands at an astounding $10.6 billion, a figure predicted to skyrocket to nearly $198 billion within the next seven years. This equates to a cumulative cost of $506 billion by the end of the decade.

To contextualize the magnitude of the financial threat, the study's authors compared these figures to the projected U.S. GDP for 2030. It was found that the economic cost of these cyberattacks could amount to 0.6% of U.S. GDP. To put this in perspective, the economic toll exceeds the entire GDPs of countries such as Singapore, Israel and Ireland, respectively.

"We initiated this research to better understand the risks associated with poorly managed APIs. However, the results were surprising, even to us," said Marco Palladino, chief technology officer and co-founder, Kong Inc. "The data demonstrates a clear and urgent need for businesses to adopt best practices that enable them to continue to build fast, but also provide for consistent API governance and stronger API security.

APIs and modern microservice architecture are central to nearly all innovation we've seen emerge in recent years. Thats everything from generative AI to decentralized blockchain, and the future applications appear limitless, said Dr. Christopher Whaley, Ph.D. and associate professor, Brown University. The research, however, indicates poorly managed and leaky APIs have left the back door open to security threats that carry significant individual and macroeconomic consequences.

"Leading Digital Transformation: Best Practices for Becoming a Secure API-First Company," offers businesses actionable insights for organizations seeking to adopt consistent API governance, enforce API security, and execute with speed and accountability. This publication bridges the knowledge gap in API management and security by highlighting common mistakes organizations make and provides best practices for becoming an API-first enterprise.

For more details on the research and the eBook, please visit:

Research Methodology:
Our study examined trends in API and cyber security vulnerabilities and used statistical modeling to forecast future API attacks and the inflation-adjusted economic costs of these attacks. Economic costs include both direct and indirect costs, weighted and adjusted for inflation as compiled by the U.S. Bureau of Labor Statistics. These economic costs were compared to U.S. Gross Domestic Product (GDP) predictions developed by the Congressional Budget Office.

About Kong Inc.
Kong is a leading provider of cloud-native API management solutions. From startups to global Fortune 500 companies, our API platform empowers enterprises worldwide to unlock developer productivity, build and manage APIs securely and achieve the fastest API and microservices performance at scale. Our mission is to enable every company to become an API-first company.

For more information about Kong, please visit or follow us on Twitter @thekonginc.

Media Contact:
Jim Rivas

Kristin Schaeffer
AMF Media