Cyberattackers are opportunistic and aim for the easiest targets first. That’s according to results of a new survey released by security provider Palo Alto Networks.

Researchers at the Ponemon Institute conducted the survey of more than 300 people in Germany, the U.K. and the U.S. — 79 percent of whom describe themselves as “involved with the attacker community.”

The survey reveals that cyberattackers aren’t very patient. Nearly three-quarters (72 percent) of respondents said they won’t waste time on an attack that will not quickly yield high-value information. For every 40 additional hours it takes a malicious hacker to conduct a successful attack, the likelihood of that attack reduces by 60 percent.{ad}

Think these cyber bad guys are raking in the dough? Not really, if they’re being honest. The average cyberattacker earns less than $30,000 per year from being a black hat; that’s about one-quarter of a cybersecurity pro’s average annual salary.

The survey also sheds light on the efficacy of strong security systems — an excellent one can more than double the amount of time for a good hacker to intrude. And remember, most hackers aren’t that patient; they’ll move on to an easier target in most cases.

That’s all the more important when you consider, along with the costs of computing, that the overhead for cyberattackers also has fallen. It provides a good warning for both businesses and their channel partners.

“Understanding the costs, motivations, payouts, and finding ways to flip the cost scenario will be instrumental in reducing the number of breaches we read about almost daily and restoring trust in our digital age,” said Davis Lake, director of cybersecurity strategy at Palo Alto Networks.

Dr. Larry Ponemon, chairman and founder, Ponemon Institute, said the survey shows how important threat prevention is and how investing in next-generation technology is a good idea.

“By adopting next-generation security technologies and a breach-prevention philosophy, organizations can lower the return on investment an adversary can expect from a cyberattack by such a degree that they abandon the attack before it’s completed,” said Ponemon.

Here are a few recommendations you can take into account to increase your defense against cyberattackers that might cause them to abandon the attack altogether.