70+ Cybersecurity Statistics You Need to Know for 2024
Interested in learning about trends in data loss prevention, ransomware, and cybercrime? These cybersecurity statistics from the last 5 years will outline contemporary cybersecurity trends and provide a preview of what is being predicted for the future of cybersecurity.
Top 10 Cybersecurity Statistics for 2024
1) 58% of companies have over 1,000 inactive user accounts
This shocking cybersecurity statistic comes from the 2019 Varonis Global Data Risk Report. What's even more troubling is how prevalent inactive user accounts are in financial services; the Varonis 2021 Financial Services Data Risk Report discloses that nearly 40% of financial services companies have more than 10,000 inactive users.
These inactive accounts increase the attack surface of the network as they are a potential entry point for an attacker. To prevent the proliferation of inactive user accounts it is critical that employees are deprovisioned from the network during offboarding.
2) 86% of breaches in 2020 were financially motivated
Being aware of the top motivations of threat actors will help you identify the data that needs to be prioritized as part of your data loss prevention strategy. These findings from the 2020 Verizon Data Breach Investigations Report confirm that the monetary value of sensitive data is a key motivator for insider threats, malicious hackers, and other threat actors.
58% of the victims studied in the report had personal data compromised during the attack. Personally identifiable information (PII) is incredibly valuable as it can be readily sold and traded amongst cybercriminals.
3) Global cybercrime is expected to inflict a total of $6 trillion USD in damages in 2021
As reported by Cybersecurity Ventures the financial impact of cybercrime is expected to reach $6 trillion USD in 2021 and rise to $10.5 trillion USD annually by 2025.
To put these damages into perspective, the United States was the world's largest economy in 2020, with a nominal GDP of $21.44 trillion. If cybercrime were measured as a country, it would be the world's third-largest economy after the US and China.
4) 59% of buyers are likely to avoid companies that suffered from a cyberattack in the past year
This finding from the Arcserve 2020 Data Attack Surface Report is of little surprise. Cybersecurity is a significant competitive advantage; after all, would you leave your sensitive personal data with someone who doesn't prioritize data security?
The report goes on to state that 25% of consumers across North America, the United Kingdom, France, and Germany would go so far as to abandon a product or service in favor of a competitor following a single ransomware-related service disruption, failed transaction, or instance of inaccessible information.
As the threat landscape continues to evolve organizations of all sizes need to ensure that cybersecurity is a top priority. The rapid proliferation of security vulnerabilities greatly increases their attack surface, providing threat actors with ample opportunity to compromise sensitive data and networks.
5) Global ransomware damage costs are predicted to reach $20 billion by 2021
The very same Arcserve report as before reveals that damages caused by ransomware have risen dramatically in recent years; the $20 billion USD in ransomware damages that are predicted for 2021 are 57x greater than the damages that occurred in 2015.
Prime examples of financial damages inflicted by ransomware include NotPetya (est. $10 billion USD) and WannaCry (est. $4 billion USD), both of which used the EternalBlue exploit in their attacks.
What is EternalBlue?
EternalBlue is a cyberattack exploit that was developed by the U.S. National Security Agency (NSA) and later leaked by the Shadow Brokers hacker group on April 14, 2017. EternalBlue leverages a flaw known as the "Windows SMB Remote Code Execution Vulnerability" (CVE-2017-0144) to execute arbitrary code on Windows servers.
Ransomware attacks have steadily been on the rise over the last 5 years. Further research from the Beazley Breach Response (BBR) Services found that ransomware attacks increased by 131% between 2018 and 2019 alone. Cybersecurity Ventures predicts that there will be a ransomware attack on businesses every 11 seconds in 2021, up considerably from every 40 seconds in 2016.
"The ransomware landscape has been rapidly evolving. Back then, instances of ransomware typically involved the target's data being encrypted, but not accessed or exfiltrated. Today, however, not only has the frequency of ransomware attacks increased substantially, but the added threat of a data breach makes them potentially much more damaging."
2020 Breach Briefing, Beazley Breach Response (BBR) Services
Ransomware is incredibly profitable for cybercriminals. Accenture found that from the first quarter to the second quarter of 2020 there has been a 60% increase in the average ransom payment (US$178,254).
Why is ransomware so profitable? Simply put, victims are willing to pay, even against FBI recommendations. Cybercriminals prioritize their targets based on the perceived odds of receiving a ransom payment from their victim. Researchers from IBM Security's X-Force surveyed executives at 600 businesses and found that 70% of those that were hit with ransomware have paid the ransom.
Common ransomware targets
- Emergency Services: Entities that provide critical services are under considerable pressure to provide ransom payments so they can return to full operational capacity as fast as possible.
- Managed Service Providers: MSPs are responsible for the security, support, and maintenance of mission-critical IT services. MSPs are likely ransomware targets as their entire customer base could be lost to an attack should they not remediate the attack.
- Manufacturing: While any valuable sector with any sort of legacy infrastructure is at risk for a ransomware attack, a survey from Darktrace found that cyberattacks against manufacturers increased 7x from January 2020 to April 2020.
6) 70% of consumers believe that businesses aren't doing enough to secure their personal information
The Arcserve report confirms that organizations of all sizes simply cannot afford to neglect investing in cybersecurity if they want to earn and keep the trust of their customers. Unfortunately, the surveyed consumers don't feel hopeful about corporate cybersecurity standards; 70% stated that they feel that businesses simply aren't doing enough to adequately secure their personal information.
Their feelings on the matter are entirely valid, too. The 2019 Varonis Global Data Risk Report found that a disappointing average of only 5% of companies' folders are properly protected against cyber security risks. Should an insider threat or external actor break into their network, the potentially sensitive data contained within these folders can be readily stolen for financial or strategic gain.
7) 90% of UK cybersecurity breaches in 2019 were caused by human error
A 2019 CybSafe analysis of data from the UK Information Commissioner's Office (ICO) found that 90% of cybersecurity breaches in the UK were in some way attributable to human error.
The critical role that security training has on data security cannot be overstated. The 2020 Webroot Threat Report found that running 11 or more training courses over the course of 4-6 months reduces the click-through rate of phishing emails by 65%.
To prevent your employees from becoming the weakest link in your organization's security strategy you need to ensure that you combine critical data security controls with ongoing security training for all staff.
8) 93.6% of malware observed in 2019 was polymorphic
This finding from the 2020 Webroot Threat Report provides an overview of how sophisticated malware has become. Polymorphic malware has the ability to constantly modify its code in order to evade detection. Many of the common malware variants can be polymorphic, including viruses, worms, bots, trojans, and keyloggers.
Malware is in no way rare, either. According to the Malware Statistics & Trends Report dashboard from AV-TEST, 15,224,388 new malware and potentially unwanted applications were found in January 2021 alone.
9) From 2018 to 2019 there was a 125% increase in malware targeting Windows 7
Windows 7 reached its End-of-Life stage on January 14, 2020. Since Windows 7 is no longer supported with patches for critical security vulnerabilities any computer that is currently running Windows 7 should no longer be considered protected.
This cybersecurity statistic from the 2020 Webroot Threat Report further emphasizes this truth. If you have not yet upgraded your operating system you can visit our guide on what options you have for transitioning from Windows 7 to Windows 10.
10) The likelihood of organized cybercrime entities being detected and prosecuted is estimated to be as low as 0.05% in the U.S
As you can see, the successful detection and prosecution of cybercriminal organizations is exceedingly rare.
While organizations such as the Internet Crime Complaint Center (IC3) in the US and The National Cybercrime Coordination Unit (NC3) in Canada exist to assist with the investigation of cybercrimes, there are a variety of factors that make gathering evidence and prosecuting offenders difficult.
Why is cybercrime difficult to prosecute?
- Jurisdiction: Even with sufficient evidence to prove who is responsible for a cyberattack, if the cybercriminal operates across jurisdictional boundaries it will be difficult to prosecute them unless there is full cooperation of allied countries to honor arrest warrants.
- Legality: Cybercrime is a relatively new phenomenon in contrast to laws that have been enacted in the pre-internet days. In some cases there simply isn't a legal precedent to properly address whether or not a given action is prosecutable under current legislation.
- Underreporting: Simply put, the majority of cybercrimes aren't even reported. The reporting of cybercrimes is increasing, though. Since COVID-19, the FBI's Internet Crime Complaint Center reported a 300% increase in reported cybercrimes. In Canada, police-reported cybercrimes increased by 12% from 2017 to 2018.
Cybercrime Statistics
Cybercrime Statistics | Source | Year |
---|---|---|
The global cost of cybercrime is expected to surge from $9.22 trillion in 2024 to $13.82 trillion by 2028 | Statista Technology Market Insights | 2024 |
Global business losses due to cybercrime reached $8.44 trillion in 2022 | Statista Technology Market Insights | 2022 |
In 2018, Canadians who used the Internet protected themselves while online by: deleting their browser history (61%), blocking emails, including junk mail and spam (60%) and blocking other types of messages (34%). Internet users also took steps to protect their privacy and personal information online by changing the privacy settings on accounts or apps to; limit their profile or personal information (42%) and enable or disable their location (45%). | Canadian Internet Use Survey (CIUS), 2018 | 2018 |
The ad industry loses approximately $51 million per day due to ad fraud and by 2023 that number will skyrocket to $100 billion annually | Bloomberg Law | 2021 |
70% of consumers across North America, the United Kingdom, France, and Germany believe businesses aren't doing enough to adequately secure their personal information | Arcserve – The 2020 Data Attack Surface Report | 2020 |
Compared to the previous year, police-reported cyber crimes in Canada increased 12% in 2018. | Uniform Crime Reporting Survey (UCR), 2018 | 2018 |
In 2018, Canadian police services reported almost 33,000 cyber-related violations. | Uniform Crime Reporting Survey (UCR), 2018 | 2018 |
The likelihood of organized cybercrime entities being detected and prosecuted is estimated to be as low as 0.05% in the U.S | World Economic Forum: The Global Risks Report 2020 | 2020 |
Since COVID-19, the US FBI reported a 300% increase in reported cybercrimes | The FBI's Internet Crime Complaint Center | 2020 |
In 2017, Canadian businesses spent a total of $14 billion on prevention, detection and recovery from cyber security incidents. The vast majority (94%) of businesses in Canada had some level of expenditure to prevent or detect cyber security incidents. | Canadian Survey of Cyber Security and Cybercrime, 2017 | 2017 |
Only 10% of Canadian businesses impacted by cyber security incidents in 2017 reported them to a police service. | Canadian Survey of Cyber Security and Cybercrime, 2017 | 2017 |
Gartner estimates that by 2022 60% of enterprises will have comprehensive security awareness training programs | Gartner: Hire the Right Teachers for Better Security Awareness | 2020 |
Running 11 or more training courses over 4-6 months has been found to reduce phishing click-through by 65% | 2020 Webroot Threat Report | 2020 |
Insider Threat Statistics
Insider Threat Statistics | Source | Year |
---|---|---|
74% of organizations say insider attacks have become more frequent. | 2023 Insider Threat Report, Cybersecurity Insiders & Gurucul | 2023 |
74% of organizations say they are at least moderately vulnerable or worse to insider threats. | 2023 Insider Threat Report, Cybersecurity Insiders & Gurucul | 2023 |
More than half of organizations have experienced an insider threat in the last year, and 8% have experienced more than 20. | 2023 Insider Threat Report, Cybersecurity Insiders & Gurucul | 2023 |
68% of respondents are concerned or very concerned about insider risk as their organizations return to the office or transition to hybrid work; only 3% are not concerned. | 2023 Insider Threat Report, Cybersecurity Insiders & Gurucul | 2023 |
53% say detecting insider attacks is harder in the cloud | 2023 Insider Threat Report, Cybersecurity Insiders & Gurucul | 2023 |
Among security professionals, 71% are most concerned about compromised accounts/machines. This is followed by inadvertent data breaches/leaks (66%), negligent data breaches (64%), and malicious data breaches (54%). | 2023 Insider Threat Report, Cybersecurity Insiders & Gurucul | 2023 |
68% of people are concerned or very concerned about insider risk | 2023 Insider Threat Report, Cybersecurity Insiders & Gurucul | 2023 |
Only 14% of organizations do not monitor user behavior as part of their insider risk management plan and other business requirements | 2023 Insider Threat Report, Cybersecurity Insiders & Gurucul | 2023 |
Almost half of organizations monitor abnormal user behavior across their cloud footprint (SaaS, IaaS, PaaS) and the web (48%). | 2023 Insider Threat Report, Cybersecurity Insiders & Gurucul | 2023 |
Cybersecurity teams face significant challenges in promptly detecting and preventing insider attacks. Trusted insiders already possess authorized access to applications, networks, and services (54%), making it difficult to distinguish malicious activity. Compounding this issue is the widespread adoption of applications that can leak data (44%) and the increased use of personal devices for work purposes (42%), which expand the attack surface and make it easier for insiders to compromise sensitive data and systems. | 2023 Insider Threat Report, Cybersecurity Insiders & Gurucul | 2023 |
Cybersecurity professionals express the greatest concern over IT users and administrators with extensive access privileges (60%), who can potentially infiltrate highly sensitive data, applications, and systems undetected. Close behind are third-party contractors and service providers (57%), often exhibiting lower organizational loyalty coupled with increased access to critical systems. Regular employees (55%) and privileged business users (53%) also represent significant security risks, particularly considering their substantial numbers within organizations and access to sensitive applications. | 2023 Insider Threat Report, Cybersecurity Insiders & Gurucul | 2023 |
The escalating threat of insider attacks is driving a surge in organizations implementing formal insider risk programs. Currently, 39% of organizations have established such programs, while an additional 46% are planning to do so in the future | 2023 Insider Threat Report, Cybersecurity Insiders & Gurucul | 2023 |
Almost all organizations (87%) consider unified visibility and control across all apps, devices, web destinations, on-premises resources, and infrastructure to be moderately to extremely important for managing insider threat risks. | 2023 Insider Threat Report, Cybersecurity Insiders & Gurucul | 2023 |
The primary drivers for implementing insider threat programs are: Information security governance programs (45%), Proactive security team initiatives (44%), Regulatory compliance (40%), Proactive IT team initiative (36%), Incident(s) that impacted peers or relevant industry (26%), Suspected incident (25%), Previously confirmed incident (24%), Directive from the executive management team (24%). | 2023 Insider Threat Report, Cybersecurity Insiders & Gurucul | 2023 |
The roles responsible for overseeing insider threat prevention, detection, and mitigation programs within organizations are primarily held by: CIO (25%), IT Security Managers (24%), Director of Security (14%), Information Security Officer (13%), VP of Security (4%). | 2023 Insider Threat Report, Cybersecurity Insiders & Gurucul | 2023 |
Cybersecurity professionals identified the following as their top concerns regarding malicious insider threat motivations: Monetary gain (59%), Reputation damage (50%), Intellectual property theft (48%), Fraud (46%), Sabotage (43%), Espionage (34%). | 2023 Insider Threat Report, Cybersecurity Insiders & Gurucul | 2023 |
48% of cybersecurity professionals reported that attacks from insider threats were more difficult to detect and prevent than external cyber attacks. 44% said it was equally as difficult, and only 8% said they were less difficult. | 2023 Insider Threat Report, Cybersecurity Insiders & Gurucul | 2023 |
Cybersecurity professionals reported the following impacts of insider threats on their organizations: Loss of critical data (45%), Brand damage (43%), Operational disruption or outage (41%), Loss of revenue (26%), Legal liabilities (24%), Loss of competitive edge (23%), Non-compliance with regulations (22%), Expenditure remediating successful intrusions (19%), Loss in market valuation (18%). | 2023 Insider Threat Report, Cybersecurity Insiders & Gurucul | 2023 |
Ransomware Statistics
Ransomware Statistics | Source | Year |
---|---|---|
Over 60% of organizations that involved law enforcement after a ransomware attack experienced less financial loss on average than the 37% that did not involve the authorities. | Cost of a Data Breach Report 2023, IBM | 2023 |
The FBI's 2023 Internet Crime Survey revealed that healthcare was number one on the list of critical infrastructure sectors most affected by ransomware, with 249 reported cases. | 2023 Internet Crime Report, Federal Bureau Of Investigation (FBI) | 2023 |
Cybercriminals secured ransomware payments of more than $1 billion in cryptocurrency in 2023. | Chainalysis | 2023 |
The proportion of ransomware victims that gave in to ransom demands dropped to an all-time low of 29% in Q4 of 2023. | Coveware | 2023 |
According to observations from the FortiGuard Labs Incident Response (IR) team, financially motivated cybercrime accounted for the highest volume of incidents (74%) in 2022, with 82% of financially motivated cybercrimes involving the deployment of ransomware or malicious scripts. | Fortinet | 2023 |
Of the organizations that experienced a ransomware incident, 71% said they paid at least a portion of the demanded ransom. | The 2023 Global Ransomware Report, Fortinet | 2023 |
Only 35% of those affected by ransomware recovered all their data after the incident. | The 2023 Global Ransomware Report, Fortinet | 2023 |
More than 90% of those surveyed said that having a ransomware strategy in place is either their team's most important or one of their top three priorities. And 88% include cyber insurance as part of their preparedness strategy. | The 2023 Global Ransomware Report, Fortinet | 2023 |
Of those surveyed in 2023, half of enterprises fell victim to a ransomware attack in the last 12 months, and 46% were targeted by ransomware two or more times. | The 2023 Global Ransomware Report, Fortinet | 2023 |
Even after paying a ransom, many organizations have found that their data is still not recoverable or that it is still posted on the dark web for sale to the highest bidder(s). | The 2023 Global Ransomware Report, Fortinet | 2023 |
"The most important skills that ransomware incident response teams were looking for were Cybersecurity fundamentals 64%, Incident response and management 64%, Network security and architecture 64%, Advanced threat intelligence analysis 47%, Forensic analysis 37%, Legal and compliance knowledge 29%." | The 2023 Global Ransomware Report, Fortinet | 2023 |
61% of organizations listed "budget constraints" as one of their biggest challenges when forming a ransomware response team. | The 2023 Global Ransomware Report, Fortinet | 2023 |
56% of organizations plan to increase their investment in new ransomware defense technologies in 2024. | The 2023 Global Ransomware Report, Fortinet | 2023 |
56% of companies surveyed in 2023 expected to be more likely to be a target of ransomware attacks compared to the previous year. | The 2023 Global Ransomware Report, Fortinet | 2023 |
Only 48% of organizations are confident that they are prepared for a ransomware attack. | The 2023 Global Ransomware Report, Fortinet | 2023 |
"When asked 'What is your organization's policy regarding ransom negotiation and payment?' 29% have no formal policy in place, 29% have a strict no-payment policy for ransomware, 33% evaluate payment on a case-by-case basis, 10% may pay if critical operations are affected." | The 2023 Global Ransomware Report, Fortinet | 2023 |
Over 75% of ransomware incidents now involve encrypting the victim's data. | The State of Ransomware 2023, Sophos | 2023 |
Almost 85% of private-sector organizations say they've lost business or revenue due to a ransomware attack. | The State of Ransomware 2023, Sophos | 2023 |
There was a significant spike in the average ransom payment in 2023, increasing from $812,380 in 2022 to $1,542,333 the following year. | The State of Ransomware 2023, Sophos | 2023 |
As of 2021, more than 130 different ransomware strains had been detected globally. | Ransomware in a Global Context, VirusTotal | 2021 |
Ransomware strains can now be categorized into more than 30,000 clusters. Clusters are batches of ransomware grouped together based on their similarities. | Ransomware in a Global Context, VirusTotal | 2021 |
Concern about security and safety is the top reason businesses back up data. Survey shows 61% are concerned about ransomware, another 61% are concerned about social engineering attacks, and 60% about cryptojacking. | World Backup Day: 2019 Survey Results, Acronis | 2019 |
According to IT experts, the technologies that bring the most risk in terms of data loss are ransomware (42%), mobility/BYOD (38%), and social media use (9%). | Arcserve | 2017 |
Of security teams polled, 37% said the threat of ransomware keeps them up at night | Cobalt – The State of Pentesting 2022 | 2022 |
According to a 2022 annual survey of more than 300 security leaders in the U.S., U.K., and Canada, 90% reported being the targets of ransomware attacks in the past 12 months | The SpyCloud Ransomware Defense Report 2022 | 2022 |
The cost of damage to projects via ransomware is projected to reach $30 billion in 2023 | Acronis' Mid-Year Cyberthreats Report | 2022 |
Cybersecurity Ventures predicts that there will be a ransomware attack on businesses every 11 seconds in 2021, up from every 40 seconds in 2016. | Cybersecurity Ventures – Cybercrime Facts And Statistics, 2021 Report: Cyberwarfare In The C-suite | 2021 |
Ransomware damage worldwide is expected to reach $21 billion by 2021 | Cybersecurity Ventures – Cybercrime Facts And Statistics, 2021 Report: Cyberwarfare In The C-suite | 2021 |
In Q1 2020, ransomware accounted for 34% of malware attacks on organizations. In Q4, it reached 56%. | Positive Technologies | 2020 |
25 percent of consumers across North America, the United Kingdom, France, and Germany stated that they would abandon a product or service in favor of a competitor after a single ransomware-related service disruption, failed transaction, or instance of inaccessible information | Arcserve – The 2020 Data Attack Surface Report | 2020 |
Global ransomware damage costs are predicted to reach $20 billion by 2021; 57X more than it was in 2015 | Arcserve – The 2020 Data Attack Surface Report | 2020 |
The NotPetya ransomware has caused an estimated $10 billion in damages | Wired: The Untold Story of NotPetya, the Most Devastating Cyberattack in History | 2018 |
90% of IT departments restrict web access to protect against malware/ransomware infections | Spiceworks.com Data snapshot: How web filtering affects workplace security and productivity | 2018 |
The WannaCry ransomware has caused an estimated $4 billion in damages | CBS News: "WannaCry" ransomware attack losses could reach $4 billion | 2017 |
Data Breaches & Data Loss Prevention Statistics
Data Breach Statistics | Source | Year |
---|---|---|
The global average cost of a data breach in 2023 was USD $4.45M, which was a 15% increase over the previous three years. | IBM Security® & Ponemon Institute. IBM Cost of a Data Breach Report 2023. | 2023 |
83% of IT pros reported that employees stored company data on unsanctioned cloud services | G2 | 2020 |
"86% of breaches in 2020 were financially motivated" | 2020 Data Breach Investigations Report, Verizon | 2020 |
Artificial intelligence is predicted to play a critical role in increasing cyber protection and cyber attacks. | Forbes | 2020 |
As of 2019 the annual cybercrime cost for U.S. businesses was an average of $27.4 million | Ninth Annual Cost Of Cybercrime Study, Accenture | 2020 |
Around 46% of organizations think that the chief information security officer (CISO) is ultimately responsible for cybersecurity issues. | Cost of a Data Breach Report 2020, IBM | 2020 |
In 2020, it takes an average of 280 days to identify and contain a data breach. | Cost of a Data Breach Report 2020, IBM | 2020 |
In the first three quarters of 2020, there were 2,953 reported breaches across the globe. It was a 51% decrease compared to the same period in 2019. However, a staggering 36 billion records were exposed by the end of September 2020, making it the worst year on record in terms of data breaches. | 2020 Q3 Data Breach QuickView Report, RiskBased Security | 2020 |
98% of Internet-of-Things (IoT) devices are unencrypted, which exposes confidential data to attacks. | SecurityBrief | 2020 |
51% of threats in the healthcare industry are coming from imaging devices. Additionally, 72% of virtual local area networks in the healthcare industry mix IT assets and IoT devices, which allows malicious software to spread rapidly through various end-user devices. | SecurityBrief | 2020 |
45% of breaches are done through hacking. It is followed by errors at 22%, social attacks at 22%, malware at 17%, misuse by authorized users at 8%, and physical actions at 4%. | 2020 Data Breach Investigations Report, Verizon | 2020 |
72% of data breach victims are large businesses. Additionally, 28% of victims are small enterprises. | 2020 Data Breach Investigations Report, Verizon | 2020 |
Often, external actors (70%) and organized criminal groups (55%) are behind data breaches. However, a small percentage of the perpetrators have involved business partners (1%) and multiple attackers (4%). | 2020 Data Breach Investigations Report, Verizon | 2020 |
63% of employees in a Code42 report have stated that they brought data from their previous employer to their current employer. | 2019 Data Exposure Report, Code42 | 2019 |
Maintaining secure configurations and set-ups for cloud-resident workloads is the biggest challenge that 39% of organizations deal with. | Cloud Threat Report 2019, Oracle & KPMG | 2019 |
38% of companies say that satisfying the standards set by their security teams regarding the security of their public cloud infrastructure is their second biggest challenge. | Cloud Threat Report 2019, Oracle & KPMG | 2019 |
The same number of organizations (38%) treat the maintenance and consistency of security in their data centers as significant concerns. | Cloud Threat Report 2019, Oracle & KPMG | 2019 |
Cloud-related security in event management is also a challenge for 37% of organizations. | Cloud Threat Report 2019, Oracle & KPMG | 2019 |
In January 2019 alone, 1.76 billion records were leaked from various data breaches around the world. | IT Governance | 2019 |
39% of small- and medium-sized businesses do not have contingency plans in response to cyber-attacks and data breaches. | 2019 Global State of Cybersecurity in Small and Medium-Sized Businesses, Ponemon Institute & Keeper | 2019 |
Malware and Internet Cybersecurity Statistics
Malware and Internet Security Statistic | Source | Year |
---|---|---|
64,000,000+ new malware and potentially unwanted applications were found in H1 2024 | Malware Statistics and Trends Report, AVAtlas | 2024 |
In 2019, 93.6% of malware observed was polymorphic, meaning it has the ability to constantly change its code to evade detection | 2020 Webroot Threat Report | 2020 |
85% of threats hide in 1 of 4 locations: %temp%, %appdata%, %cache% and %windir%. | 2020 Webroot Threat Report | 2020 |
From 2018 to 2019 1 in 4 malicious URLs were hosted on an otherwise non-malicious site | 2020 Webroot Threat Report | 2020 |
The majority of sites that host malware are from the US (61.22%) | 2020 Webroot Threat Report | 2020 |
In 2018, 15% of phishing sites used HTTPS to trick the user into thinking the site was safe; by 2019 the percentage had risen to 27% | 2020 Webroot Threat Report | 2020 |
Systems running Windows 7 are nearly three times as likely to get infected as Windows 10 devices, with malware targeting Windows 7 increasing by 125% from 2018 to 2019 | 2020 Webroot Threat Report | 2020 |
Social Engineering and Phishing Statistics
Social Engineering and Phishing Statistics | Source | Year |
---|---|---|
90% of all data breaches are a result of phishing attacks | Cisco – 2021 Cyber Security Threat Trends | 2021 |
From 2018 to 2019 there was a 640% increase in phishing attempts and a 125% increase in malware targeting Windows 7 | 2020 Webroot Threat Report | 2020 |
In 2018, 15% of phishing sites used HTTPS to trick the user into thinking the site was safe; by 2019 the percentage had risen to 27% | 2020 Webroot Threat Report | 2020 |
Running 11 or more training courses over 4-6 months has been found to reduce phishing click-through by 65% | 2020 Webroot Threat Report | 2020 |
53% of companies found over 1,000 sensitive files open to every employee. On average, 14,643 folders contained sensitive data that was accessible by every employee. | 2019 Varonis Global Data Risk Report | 2019 |
Over 64% of financial services companies have 1,000+ sensitive files open to every employee. | Varonis 2021 Data Risk Report – Financial Services | 2021 |
From 2018 to 2019 there was a 640% increase in phishing attempts | 2020 Webroot Threat Report | 2020 |
Security Incident Statistics
Cybersecurity Incident Statistic | Source | Year |
---|---|---|
Around 15 million data records were breached globally in the third quarter of 2022, a 37% increase over the previous quarter | Statista | 2023 |
80% of cyber attacks were found to be perpetrated by external sources instead of internal actors | Verizon Data Breach Investigations Report 2022 | 2022 |
44.6% of surveyed representatives said their organization suffered between one and five successful cyber attacks in 2022 | Statista | 2022 |
86% of breaches in 2020 were financially motivated | Verizon Data Breach Investigations Report 2020 | 2020 |
95% of cybersecurity breaches are caused by human error | Cybint โ 15 Alarming Cyber Security Facts and Stats | 2022 |
95% of breached records came from three industries in 2016: Government, retail, and technology. | Forrester: Lessons Learned From The World’s Biggest Data Breaches And Privacy Abuses, 2016 | 2016 |
In 2020 organized criminal groups were behind 55% of breaches; 30% involved internal actors | Verizon Data Breach Investigations Report 2020 | 2020 |
Almost six out of ten (57%) Canadian Internet users reported experiencing a cyber security incident in 2018. | Canadian Internet Use Survey (CIUS), 2018 | 2018 |
21% of businesses were impacted by cyber security incidents in 2017 | Canadian Survey of Cyber Security and Cybercrime, 2017 | 2017 |
Approximately 3 in 10 organizations have seen a spike in the volume of attacks during the pandemic. | 2020 CIRA Cybersecurity Report | 2020 |
Businesses Suffered 50% More Cyberattack Attempts per Week in 2021 | Dark Reading | 2022 |
The Costs of a Data Breach Statistics
Data Breach Statistics | Source | Year |
---|---|---|
Targeted distributed denial-of-service (DDoS) attacks are sold for as low as $10 per hour on the dark web. | Privacy Affairs | 2021 |
70% of workers said that remote work due to COVID-19 would increase the cost of a data breach. | Cost of a Data Breach Report 2020 (IBM) | 2020 |
The average cost of a data breach on remote work is about $137,000 per attack. | Cost of a Data Breach Report 2020 (IBM) | 2020 |
On average, the cost of a data breach for organizations in 2020 was about $3.86 million. | Cost of a Data Breach Report 2020 (IBM) | 2020 |
The United States has the highest average cost of a data breach at about $8.64 million per attack. | Cost of a Data Breach Report 2020 (IBM) | 2020 |
The healthcare industry suffered the most from data breaches with an average healthcare data breach cost of $7.13 million. | Cost of a Data Breach Report 2020 (IBM) | 2020 |
Each ransomware attack costs up to $84,116 to pay. | Coveware | 2020 |
51% of organizations say they are ill-equipped to respond to a cyber attack. | FireEye | 2020 |
Ransomware variants are beginning to target large companies. For example, Ryuk ransom payments reached up to $780,000. | Coveware | 2020 |
98% of companies who paid the criminals received legitimate decryptors. | Coveware | 2020 |
However, only 97% of encrypted files are recovered on average after companies paid the criminals. | Coveware | 2020 |
Cybersecurity is only the second technological priority among companies around the world at 49%, next to digital transformations at 54%. | Statista | 2019 |
Small businesses lose on average $200,000 per ransomware incident due to downtime and recovery costs, with many going out of business. | CNBC | 2019 |
Ponemon Institute estimates the average cost of downtime at $9,000 per minute (approx. $500,000 per hour). The average cost of service downtime is so high because it includes not only direct financial losses but also the expenses of lost productivity, missed opportunities, customer dissatisfaction, and long-term reputational damage. | Cost of Data Center Outages (Ponemon Institute & Vertiv) | 2016 |
Other Cybersecurity Statistics
Statistic | Source | Year |
---|---|---|
The global cost of cybercrime is expected to surge from $9.22 trillion in 2024 to $13.82 trillion by 2028 | Statista | 2024 |
Compared to the previous year, police-reported cybercrimes in Canada increased 12% in 2018. | Uniform Crime Reporting Survey (UCR), 2018 | 2018 |
In 2018, Canadian police services reported almost 33,000 cyber-related violations. | Uniform Crime Reporting Survey (UCR), 2018 | 2018 |
The likelihood of organized cybercrime entities being detected and prosecuted is estimated to be as low as 0.05% in the U.S. | World Economic Forum: The Global Risks Report 2020 | 2020 |
Since COVID-19, the US FBI reported a 300% increase in reported cybercrimes. | The FBI’s Internet Crime Complaint Center | 2020 |
Among the 13 crimes measured, the top two most worrisome for Americans are cybercrimes. 72% feared computer hackers accessing their personal, credit card, or financial information, and 66% worry about identity theft. | Cybercrimes Remain Most Worrisome to Americans (Gallup) | 2020 |
The monetary damage caused by cybercrime has been increasing exponentially. It reached $3.5 billion in 2019 before rising to $4.2 billion in 2020. The IC3 forecasted that the damages would increase to $12.5 billion by 2023. | Internet Crime Report 2023 (IC3) | 2020 |
The United States suffered the most high-profile cyber-attacks with 156 separate incidents between May 2006 and June 2020. | SecurityBrief | 2020 |
Germany, India, Australia, and the United Kingdom have all been targets of significant attacks in the last 14 years. These attacks included assaults on defense agencies, government and federal systems, and prominent tech companies. | SecurityBrief | 2020 |
4.83 million DDoS attacks were recorded in the first half of 2020. | Help Net Security | 2020 |
Around 86% of the attacks are financially motivated. | 2020 Data Breach Investigations Report (Verizon) | 2020 |
The worldwide damages of cybercrime are expected to reach $6 trillion by the end of 2021. It is expected to grow at about 15% every year and will reach around $10.5 trillion by 2025. | Cybercrime To Cost The World $10.5 Trillion Annually By 2025 (Cybercrime Magazine) | 2020 |
58% of companies found over 1,000 inactive user accounts. These inactive accounts increase the attack surface of the network as they are a potential entry point for an attacker. To mitigate these risks it is critical that employees are deprovisioned from the network during offboarding. | 2019 Varonis Global Data Risk Report | 2019 |
In 2020 organized criminal groups were behind 55% of breaches; 30% involved internal actors. | Verizon Data Breach Investigations Report 2020 | 2020 |
Over 64% of financial services companies have 1,000+ sensitive files open to every employee. | Varonis 2021 Data Risk Report – Financial Services | 2021 |
Nearly 40% of financial services companies have more than 10,000 inactive users. | Varonis 2021 Data Risk Report – Financial Services | 2021 |
43% of cyberattacks target small businesses. | Worldwide DLP Market Revenue Forecast by Statista | 2023 |
60% of companies with remote workers experience higher data breach costs than their counterparts without remote workers. | G2 | 2023 |
Almost 70% of organizations reported a labor shortage of cybersecurity personnel on board. | ISACA – State of Cybersecurity 2022 Report | 2022 |
65% of board members surveyed by Proofpoint are concerned about cyberattacks in their respective organizations over the next 12 months. | Proofpoint – Cybersecurity: The 2022 Board Perspective Report | 2022 |
Cloud security spending is expected to reach $6.6 billion in 2023. | Cloud security spending worldwide from 2017 to 2023 (Statista) | 2022 |
35% of cyberattack vulnerabilities in organizations are due to server security misconfigurations. | Cobalt – The State of Pentesting 2022 | 2022 |
Spending on information risk management and security is forecasted to increase 11.3% to reach over $188.3 billion in 2023. | Gartner | 2022 |
More than half of respondents claimed that their most critical area for cybersecurity in 2023 was data security, followed by cybersecurity analytics and privacy. | Most important cybersecurity areas worldwide in 2022 with a forecast until 2023 (Statista) | 2022 |
In a 2019 survey 41% of IT pros stated that their business hasn’t purchased cyber insurance because it’s simply not a priority at their organization. A further 33% flat out stated that they’re not sold on the benefits, and 34% didn’t bother because it wasn’t required by regulations. | Spiceworks | 2019 |
“These are the top reasons why organizations purchased a cyber insurance policy: • 71% cite precautionary measures as a reason they purchased a policy. • 44% An increased priority on cybersecurity • 39% handling a lot of personal data • 28% industry specific regulations • 14% purchased coverage due to customer requirements, • 14% bought coverage as a result of new data protection regulations, such as GDPR. • 13% due to a security incident • 7% due to a data breach.” | Spiceworks | 2019 |
In 2022 the #1 concern for companies globally was cyber incidents (44%), followed by business interruption (42%) and natural disasters (25%). | Allianz Risk Barometer | 2022 |
At 93% of companies, pentesters succeeded in breaching the network perimeter and accessing the local network. | Positive Technologies | 2020 |
Training employees to think and act with security in mind was the most underfunded activity in cybersecurity budgets in 2019. | Accenture | 2019 |
Cybersecurity Reports & Resources
Looking for more cybersecurity statistics, data, and information? These 5 cybersecurity statistics reports provide a wealth of information so you can learn more about the global cybersecurity landscape.
1) Verizon Data Breach Investigations Report
Every year Verizon releases a new Data Breach Investigations Report with data breach statistics, security incident insights, and cybersecurity statistics from organizations of all sizes.
2) 2018 Varonis Global Data Risk Report
The 2018 Global Data Risk Report from the Varonis data lab examined Data Risk Assessments performed by Varonis engineers throughout 2017 to gauge the prevalence and severity of exposed critical information and sensitive files, and evaluate what companies are doing (or not doing) to secure their most critical data.
3) 2020 CIRA Cybersecurity Report
For this report the Canadian Internet Registration Authority (CIRA) contracted The Strategic Counsel to interview 500 workers with responsibility for IT security. This report was created to further the understanding of how Canadian companies approach cybersecurity. In total, 64% of businesses in the sample indicated they do business exclusively in Canada.
4) Cisco Cybersecurity Report Series
Over the past decade, Cisco has published security and threat intelligence information for security professionals interested in the state of global cybersecurity. These comprehensive reports provide detailed accounts of threat landscapes and their effects on organizations, as well as best practices to defend against the adverse impacts of data breaches. In their most recent Cybersecurity Report Cisco explores the ins and outs of threat hunting and provides a how-to guide for creating a threat-hunting team at your organization.
5) Accenture 2020 Cyber Threatscape Report
This latest report from Accenture Cyber Threat Intelligence aims to help their clients, partners and community members by offering cybersecurity information that allows them to stay ahead of threats relevant to their businesses, industries and geographies.
6) CurrentWare: Keep Data Safe When Offboarding Employees
Are you concerned about the damage a terminated employee could cause with access to sensitive corporate information, account passwords, and other proprietary data? In this white paper you will learn the best practices for deprovisioning employees from your network and preventing data theft during a termination.
Cybersecurity Statistics FAQ
Why should I not pay a ransomware demand?
Organizations that pay ransomware demands prove that they are willing to pay, increasing the risk of future attacks. Furthermore, although the attackers may be motivated to maintain a reputation for honoring their end of the deal, there is no guarantee that data can be recovered after a payment.
As for reporting a ransomware attack, in the United States the FBI urges organizations to report the attack to law enforcement, such as the FBI’s Internet Crime Complaint Center (IC3).
In Canada the National Cybercrime Coordination Unit (NC3) and the Canadian Anti-Fraud Centre are working on implementing a new cybercrime and fraud reporting system for Canadians and businesses.
How can I prevent ransomware attacks?
Need to prevent ransomware attacks? Follow these ransomware prevention tips from the Beazley 2020 Breach Briefing.
- Lock down RDP: Remote Desktop Protocol is regularly used as an attack vector for ransomware. You should disable RDP when it is not required and apply secure configurations when RDP is enabled, including the use of strong, unique passwords and multi-factor authentication (MFA).
- Require MFA: MFA must be enabled for internal administrative accounts and for accounts with external access to applications. This is particularly true for sensitive accounts such as email, RDP and VPNs.
- Disable PowerShell: Update PowerShell to the latest framework and disable PowerShell on workstations where possible. Where PowerShell cannot be disabled, logging and continuous monitoring of PowerShell activity is critical.
- Patch systems: Enable automatic patching for all operating systems and internet browsers. Ensure that anti-virus signatures are up-to-date so that your security software can detect known emerging threats.
- Apply web filtering: Use a web filter to block connections to malicious websites. Ransomware infections can occur through malicious websites or malicious advertisements that redirect the user to a dangerous website.
- Limit administrative rights: Admin rights should be limited to employees with IT roles. These privileged accounts must be protected with MFA and IT staff must use non-privileged accounts for day-to-day activities, limiting the use of admin accounts to an as-needed basis.
- Conduct security awareness training: Train employees on how to recognize common threats and scams. Conducting phishing exercises periodically enhances security awareness and improves employee responses to cyber attacks.
- Back up data: Restoring from backups is significantly faster than providing a ransom payment, especially considering the risk that the attackers could maintain a backdoor into the organization’s infrastructure if the systems are not reimaged.
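An added example (not from the original article or the Beazley briefing): a read-only PowerShell check of two of the tips above, RDP lockdown and PowerShell logging, on the local Windows host. The function names are illustrative assumptions; the registry paths are the standard Windows locations for these settings, and MFA, patching and backups are outside what a local registry check can confirm.

```powershell
# Added example: read-only check of local RDP and PowerShell logging settings.
# Only local registry values are read. Group Policy can also set the RDP values
# under HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services (not read here).

function Get-RegValue {
    param([string]$Path, [string]$Name)
    # $null means the key or value is absent, i.e. the setting is not configured.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { $item.$Name } else { $null }
}

function New-Finding {
    param([string]$Check, $Value, [bool]$Ok, [string]$Advice)
    [pscustomobject]@{
        Check  = $Check
        Value  = if ($null -eq $Value) { 'not set' } else { $Value }
        Status = if ($Ok) { 'OK' } else { 'REVIEW' }
        Advice = if ($Ok) { '' } else { $Advice }
    }
}

function Get-HardeningFindings {
    $ts = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
    $ps = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell'

    $deny = Get-RegValue $ts 'fDenyTSConnections'                        # 1 = RDP disabled
    $nla  = Get-RegValue "$ts\WinStations\RDP-Tcp" 'UserAuthentication'  # 1 = NLA required
    $sbl  = Get-RegValue "$ps\ScriptBlockLogging" 'EnableScriptBlockLogging'
    $mod  = Get-RegValue "$ps\ModuleLogging" 'EnableModuleLogging'
    $trn  = Get-RegValue "$ps\Transcription" 'EnableTranscripting'
    $ver  = $PSVersionTable.PSVersion

    $rdpOff = ($deny -eq 1)
    New-Finding 'RDP disabled' $deny $rdpOff 'Disable RDP unless this host requires it'
    # NLA only matters while RDP is reachable, so a disabled RDP passes this check.
    New-Finding 'RDP requires NLA' $nla ($rdpOff -or ($nla -eq 1)) 'Require Network Level Authentication'
    New-Finding 'PowerShell version' ($ver.ToString()) ($ver.Major -ge 5) 'Update PowerShell; v5+ is needed for script block logging'
    New-Finding 'Script block logging' $sbl ($sbl -eq 1) 'Enable script block logging (event ID 4104)'
    New-Finding 'Module logging' $mod ($mod -eq 1) 'Enable module logging'
    New-Finding 'Transcription' $trn ($trn -eq 1) 'Enable transcription to a protected path'
}

Get-HardeningFindings | Format-Table -AutoSize -Wrap
```

Rows marked REVIEW are prompts to check the host against the tip, not proof of compromise; a host that legitimately needs RDP will always show the first row as REVIEW.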
How many businesses are targeted by spear-phishing attacks each day?
- 62% of businesses experienced phishing and social engineering attacks in 2018 with a new organization falling victim to ransomware every 14 seconds in 2019. (PurpleSec 2020 Cyber Security Statistics: The Ultimate List Of Stats, Data & Trends)
- 88% of organizations worldwide experienced spear phishing attempts in 2019. (Proofpoint 2020 State of the Phish Report)
- 65% of groups used spear-phishing as the primary infection vector. (Symantec Internet Security Threat Report (ISTR) 2019)
- 64% of organizations have experienced a phishing attack from 2018-2019 (Check Point Research Security Report 2018)
- Targeted emails, or spear phishing, are reported by businesses to be used in 91% of successful data breaches and 95% of all enterprise networks. (PurpleSec 2020 Cyber Security Statistics: The Ultimate List Of Stats, Data & Trends)
- There has been a 600% increase in malicious emails due to the COVID-19 pandemic (U.N. disarmament chief Izumi Nakamitsu)
Phishing attacks are part of what percentage of cyberattacks?
- 22% of breaches in 2020 involved phishing (Verizon Data Breach Investigations Report 2020)
- 70% of cyber attacks in 2016 used a combination of phishing and hacking. (Verizon Data Breach Investigations Report (DBIR) 2016)
- 70% of breaches associated with a nation-state or state-affiliated actors involved phishing (Verizon Data Breach Investigations Report (DBIR) 2018)
What will the projected cost of cybercrime be in 2021?
- Ransomware damage worldwide is expected to reach $21 billion by 2021 (Cybersecurity Ventures – Cybercrime Facts And Statistics, 2021 Report: Cyberwarfare In The C-suite)
- Cybercrime as a whole is expected to inflict a total of $6 trillion USD in damages globally in 2021. Estimates expect this to rise to $10.5 trillion USD annually by 2025. (Cybersecurity Ventures – Cybercrime Facts And Statistics, 2021 Report: Cyberwarfare In The C-suite)
Conclusion
These must-know cybersecurity statistics for 2021 demonstrate significant trends in the cybersecurity landscape. Ongoing security threats such as ransomware, advanced persistent threats (APT), nation-state hacker groups, and insider threats will continue to evolve their tactics to bypass security measures and compromise critical infrastructure. Business owners and consumers alike simply cannot afford to forgo investing in critical security measures and best practices.
Stock Illustrations from Stories by Freepik