The cybersecurity industry is growing at an amazing rate with thousands of new websites popping up every day. Along the way, the number of malicious programs released online has reached a tremendous scale. Some estimates suggest that over 350,000 new malware samples are produced daily. Some 30 years ago the internet was a new and captivating universe. Today it can be a dangerous place. That’s why we prepared the latest cybersecurity statistics which will — hopefully — help you and your business stay safe on the world wide web.
Cybersecurity Statistics (Editor’s Choice)
- By 2023, enterprises will spend $12.6 billion on cloud security tools.
- With 3.15%, Denmark has the lowest percentage of computer malware infections.
- 68% of US businesses are not covered against data-breach or cyber-liability.
- 48% of cyberattacks are motivated by malicious intent, while the rest are due to human error.
- Every month, 44% of retail firms and 83% of financial companies get hit by an average of 50+ cyberattacks.
- 76% of organizations believe insider abuse is their greatest security threat.
- In just five years, cyberattacks targeting organizations have increased by 67%.
Cybersecurity Stats Rundown
1. The global cybersecurity market is expected to top $270 billion by 2026.
Cyber security threats have always been an issue for organizations worldwide. Data indicates that the global spending on external products and services to combat cyber threats will increase by 8.4% per year and from the current $173 billion, it’s expected to reach $270 billion by the end of 2026. Resources invested in in-house cyber security functions are expected to grow at an annual rate of 7.2%.
(Forbes)
2. With 35.91%, Bangladesh has the highest number of cyberattacks.
Cybersecurity facts and figures show that Bangladesh (35.91%) is the country with the highest number of mobile malware attacks, Algeria with 32.14% has the highest percentage of computer malware infections while 14.23% of the crypto miner attacks happened in Uzbekistan. Germany meanwhile has seen 3% of all financial malware attacks in the world.
(Finances Online)
3. Personal information stolen on social media nurtures an underground economy worth about $630 million.
Social media facilitates theft and information breaches around the world, feeding an industry worth nearly $630 million. The general perception, as cybersecurity facts indicate, is that cybercriminal activities take place mostly via mysterious and secretive online channels, such as the dark web. Studies on recent security breaches found that personal information like passwords, usernames, and stolen credit card info very often (45% to 50% of the time) goes in the hands of web criminals via social media platform breaches.
(Security Boulevard)
4. By 2023, enterprises will spend $12.6 billion on cloud security tools.
Cybersecurity stats reveal that businesses will most likely invest $12.6 billion in cloud security tools which means that since 2018 when the spending was $5.6 billion, the numbers are only going up. Cloud security solutions are another thing enterprises need to worry about since this item too is expected to increase from $636 million in 2020 to $1.63 billion US dollars in 2023 reaching a 26.5% compound annual growth rate.
(Forbes)
5. Information leaks are the most expensive cybersecurity issue facing businesses.
There are many facts about cybersecurity to keep in mind when looking for maximum protection for your business. Some of them can be pretty daunting, demonstrating the destructive and grave nature of hacking in general. In financial terms, information leaks are the costliest, causing enterprises annual losses worth nearly $6 million. This comes on top of reputational damage and losing hard-earned customers.
(IT Business Net)
6. Cybersecurity breaches have increased by nearly 70% since 2014.
Cybersecurity statistics only confirm what everyone already knows — when it comes to the virtual space, threats are imminent. Stats show an increase in security breaches by 11% since 2018 and by a staggering 67% since 2014. Bearing in mind that breaches that happened in 2019 took an average of 206 days to identify and had an average lifecycle of 314 days until containment, to avoid major damages, enterprises must be entirely protected at all times.
(Varonis)
7. With 3.15%, Denmark has the lowest percentage of computer malware infections.
In regards to the number of cyber attacks per year, Finland has the lowest percentage of mobile malware infections reported in 0.87% of mobile users. Similarly, Denmark is the leader as the super protected country with computer malware infections reported by only 3.15% of users. Financial attacks, which are probably the most serious cybersecurity incidents are lowest in number in Denmark, Ireland, and Sweden and have been reported by as little as 0.1% of users.
(Secure World)
8. By 2021, cybercriminal activity will cause over $6 trillion worth of annual damages worldwide.
The damages inflicted by cybercriminals worldwide are set to pass the $6 trillion mark as soon as 2021, doubling from $3 trillion in 2015, as suggested by cybersecurity threats statistics. Experts are unanimous that cybercriminal activity will be one of the greatest challenges facing humanity in the coming two decades.
(AppKnox)
9. Some 146 billion records will be exposed between 2018 and 2023.
This forecast is part of a 2018 study by Juniper and reflects the number of actual, not reported breaches. Estimates are based on new legislation that will bring to light 90% of security breaches in North America. The US will keep its lead on the list of priority hacker destinations as it is the home of the most valuable information obtained through illicit cyber activities.
(IRM Security)
10. Only 10% of cyber attacks in the US get reported.
US cybersecurity trends show that authorities register only a fraction of the attacks that take place in the country. The key reason behind the vastly undercounted rate of cybercrimes is that they’re impossible to prove. Another factor that stops people short of notifying authorities about the crime is reputational harm. In some cases, hackers steal sensitive personal files, such as embarrassing photos, to seek ransom from their owners, who in turn don’t want to be exposed.
(CPO Magazine)
11. 71% of Americans worry someone may steal their financial or personal info.
Global cyber security facts show that in 2019, 71% of Americans felt threatened someone might steal their financial or personal info, but only 24% were afraid they could become victims of terrorism. Makes sense, since in January 2019 alone cybercriminals got their hands on the private data of 1.76 billion internet users.
(Back Office Geeks)
12. The US President's Budget has allocated $18.8 billion in cybersecurity funding.
Trends in cybersecurity point to an increasing tendency on behalf of government institutions to allocate funds to combat cybercrime and the White House as an institution does not fall far behind in this endeavor. The current administration has dedicated nearly $18.8 billion to be spent on federal programs and initiatives to boost cybersecurity. Over one billion of this is intended for the Department of Homeland Security for their efforts to fight cybercrime.
(The SSL Store)
13. 68% of US businesses are not covered against data-breach or cyber-liability.
The rate at which US businesses face risks of cyberattacks is far higher than the one at which they’re adopting cyber insurance. Cisco’s cybersecurity statistics reveal that two-thirds of US companies have not purchased any sort of data-breach or cyber-liability coverage, exposing their operations to significant risk. Not investing in cybersecurity when you’re clearly at risk from an attack practically means you’re inviting cybercriminals to take a crack at your defenses.
(Finances Online)
14. More than 77% of organizations don't have a cybersecurity incident response plan.
The importance of having a proper response plan for cybersecurity incidents is overlooked by a whopping 77% of organizations working today. Meanwhile, more than half of participating companies (54%) admit they have been the target of one or more cyberattacks in the past 12 months.
(Cybint Solutions)
15. Nine out of ten organizations say they are at cyber attack risk.
Cybersecurity attacks statistics mention that the majority of businesses (91%) believe that they could be victims of a potential cyber attack at any given time which is why they are working on taking all possible measures to combat this threat. More bad news is that a massive 95% of CIOs are not optimistic that threats related to cybersecurity will get better any time soon. Instead, they claim it will only get worse.
(Cyberbit)
16. 48% of cyber attacks are motivated by malicious intent, and the rest are due to human error.
Cybersecurity stats show that a surprisingly high percentage of malicious attacks are caused by acts of human error or system failure (52%). Of the 52%, 27% result from human error, and 25% come from IT and business process failures. Some of the common issues facilitating cybercriminal have to do with a lack of training on external connectable devices (phones, USB flash drives, etc.), password updates, negligence, etc.
(Best VPN)
17. Small businesses are the target of 43% of cyber attacks.
Small business cybersecurity statistics show that hackers find small businesses an easy target as most of them are struggling as it is and are not making sufficient investments in programs to protect their data. Data also shows that web-based attacks were experienced by 64% of companies phishing, and social engineering attacks were experienced by 62% of companies while 59% of companies experienced attacks originating from malicious code and botnets. DoS attacks were experienced by 51% of companies.
(Cybint Solutions)
18. 65% of American SMEs fail to act after suffering a cyber attack.
Cyber attack statistics by year confirm that over half of SME US companies were victims of a cyberattack in 2018. Of them, 44% suffered two or more attacks in the same year. What is interesting is that following one or more cybersecurity incidents, a total of 65% of businesses failed to act at all, let alone accordingly. One explanation is that a high percentage of smaller businesses do not even realize these incidents could lead to a cyberattack.
(Top Vpn)
19. Only 5% of corporate files are efficiently protected against cybercrime.
Hacking statistics reveal an alarming fact: most business information is entirely unprotected against cybercriminals. A recent report by Varonis shows that 95% of files belonging to companies around the world are there for hackers to use as they like. In the first half of 2019 alone, data breaches had exposed 4.1 billion records.
(Varonis)
20. Every month, 44% of retail firms and 83% of financial companies get hit by an average of 50+ cyber attacks.
Retail cybersecurity breach statistics published as part of a recent report by the Ponemon Institute show a cyber attack occurs in either of these types of businesses just short of twice each day. Obviously, cybercriminals aren’t picky about who or what they target, but certainly know where the biggest score lies.
(Best VPN)
21. 57.7% of organizations cite a lack of skills as the main challenge of their SOC team.
Despite cybersecurity being a growing concern for an increasing number of companies around the world, experts on the matter are rare. Cybersecurity jobs statistics reveal that it is the industry that has the most evident skill gap. Believe it or not, more than 3.5 million cybersecurity positions are to remain vacant by 2021. So, unless you want your SOC team to be part of the 57.7% citing lack of skills, act now before your expert goes to work for the competition.
(Cyberbit)
22. Data breach statistics confirm that in 92% of the cases, emails are used to deliver malware.
Cybersecurity breaches most often happen via email and phishing attacks. More than half (53%) of the surveyed IT experts specializing in cybersecurity say that ensuring data is protected from phishing attacks is their top priority. Stats further suggest that since email is used to deliver malware in 92% of the cases, a top spam filtering service might just be the best option to ensure protection.
(CSO)
23. Cyber attack statistics say every 14 seconds, a ransomware attack takes place somewhere around the world.
In the plethora of cyber-attacks out there, ransomware attacks seem to stand out. And it’s not just businesses that suffer. Individuals, too, need to be extra careful. According to the 2019 Official Annual Cybercrime Report (ACR), a ransomware attack takes place every 14 seconds somewhere around the world, and the interval is set to shrink to 11 seconds by 2021.
(Privacy Crypts)
24. In 2019, espionage was the motive behind 25% of security breaches, while 71% were motivated by financial gain.
Recent cyberattack and cyber security trends reveal the motive behind most cybercrimes (71%) is to illegally obtain financial resources. Around a quarter (25%) have to do with espionage, according to a report by Verizon. Other reasons for committing cybercrime in 2019 were social engineering (roughly 33%), followed by phishing (approximately 32%). Malware was the motive behind close to 28% of all breaches. The runner-up on this list is hacking, which was the reason for more than half (52%) of all breaches in 2019.
(Cyber Observer)
25. For 33% of IT and cybersecurity professionals, "visibility in the cloud" is the top cybersecurity challenge.
Cybersecurity statistics show that the majority of organizations today see detecting and reacting to cybersecurity incidents in the cloud as their greatest challenge. 29% of over 450 IT and cybersecurity professionals interviewed as part of a survey by KPMG and Oracle expressed concern over the lack of qualified staff and skills. For 27%, the main problem is insufficient alignment between IT and security operations teams, while 26% pointed to the unauthorized use of cloud services.
(Bricata)
26. 76% of organizations believe insider abuse is their greatest security threat.
One of the more interesting facts about cybersecurity is that three-quarters of businesses are most concerned about the “enemy within”. The findings are part of KnowBe4’s 2019 Security Threats and Trends global survey, which covered more than 600 organizations worldwide. Insider threats come from end-users who carelessly and regularly put organizations at significant risk. These users engage with malware, ransomware, phishing emails, and other dangerous content frequently, and thereby cause substantial damage to their organizations.
(Security Boulevard)
27. In just five years, cyber attacks targeting organizations have increased by 67%.
The average number of attacks targeting organizations went up to 145 in 2018 from 130 in 2017, cybersecurity facts show. Their number will continue to rise as cybercriminals grow more unpredictable and creative. According to experts, AI is also set to join the arsenal of illicit online behavior instruments. After all, cybersecurity companies are not the only ones utilizing the latest advancements in the world of technology. Hackers can also learn the ways of security systems in a bid to abuse and exploit them.
(IT Business Net)
28. 37% of all malicious email attachments are .dot and .doc.
The #1 spot on the list of top malicious email attachments is occupied by .dot and .doc format files (over a third), followed by .exe files with 19.5%. These cybercrime statistics featured in a Symantec report clearly show that email is the most practical tool for cybercriminals to commit breaches into businesses and individual information alike. The best way to maintain a high level of protection is, of course, to use antivirus programs. It doesn’t hurt to employ some common sense as well. Think whether you’re expecting an email from someone you don’t know. If not, it’s best to scan it or have your IT expert take a look at it.
(Varonis)
Frequently Asked Questions
Why is cybersecurity important?
Cybersecurity is critical because the risk of cyberattacks is on the rise across a variety of platforms, methods, and technologies. Cybersecurity exists as a method of protection from cybercrime, and as such, is vital for keeping our daily lives undisturbed. Our society today relies on technology more than ever before. With the massive penetration of various cloud services (for storing personal information and sensitive data), as well as global connectivity, cybersecurity risk is ever-increasing.
What are the types of cybersecurity?
There are 5 different types of cybersecurity.
Critical infrastructure security revolves around the physical and cyber systems that we rely on in our day to day activities, including water purification, electricity grid, shopping centers, traffic lights, hospitals, etc.
Application security involves the hardware and software methods to engage and contain external threats that may arise in an application’s development stage. Examples of application security include encryption programs, firewalls, and antivirus programs.
Network security prevents unauthorized access to your internal networks. Important cybersecurity facts suggest new passwords and extra logins are the most common examples of network security implementation.
Cloud security is a software-based security tool that monitors and protects the data in your cloud resources.
IoT (Internet of Things) security refers to a significant number of both critical and non-critical cyber-physical systems. Examples of IoT involve security cameras, printers, Wi-Fi routers, televisions, sensors, appliances, etc.
What percentage of cyber attacks are phishing?
Spear phishing is one of the phishing forms that has recently been on the rise and is characterized by the use of information about a specific target making attacks even more specific and “somewhat personal”. An incredible 91% of attacks start with a spear-phishing email. Data further shows that around 65% of companies have at some point in the past year experienced a phishing attack.
Conclusion
By all counts, in the coming years, cyberattacks will grow in reach, number, and sophistication. And our list of cybersecurity statistics clearly shows there are no indications that attacks are going away any time soon. Keeping cybercriminals at bay requires an entire culture of cybersecurity awareness and safety among your employees. Unfortunately, not a lot of companies are ready to go that far. Keep your eyes open and listen to the experts if you want to enjoy smooth, cyberattack-free sailing in the years to come.