As a result, cybersecurity is an essential tool for anyone who uses the internet. It is especially important for businesses with remote employees. Companies often invest in antivirus software, firewalls, and cyber insurance to protect their data and defend against cyber criminals. This article will provide important cybersecurity statistics and facts to help people avoid cyber threats and modify their online behavior to keep their information secure. To make sense of the upcoming trends in cybersecurity, take a look at our pick of the most notable cybersecurity statistics for 2022 and further.
General cybersecurity statistics
- 54% of companies find that their IT security departments are not equipped well enough to respond to today's sophisticated cybersecurity threats. (Sophos)
- 42% of companies are experiencing cyber fatigue – being unable to proactively defend their company from cyberattacks.
- 77% of organizations do not have an incident response plan in place. (Cybint)
- 69% of companies are convinced that antivirus software is unable to defend their company from sophisticated cybersecurity attacks. (Ponemon Institute)
- 68% of business leaders state that they're aware that cybersecurity risks are increasing. (Accenture)
Cybersecurity statistics and user behavior
- When asked if they have access to cybersecurity advice or training, almost 50% of respondents, students and employees, answered ''no''. (Cybsafe)
- 61% of cybersecurity professionals believe that their cybersecurity team is understaffed. (Judge)
- The number one cause of data breaches is human error accounting for 95% of cybersecurity breaches. (World Economic Forum)
- In a Cybsafe survey, 43% of participants stated that they had never heard of Multi-Factor Authentication.
- More than 42% of employees admit to clicking malicious attachments within emails. (SecurityEscape)
Cybersecurity statistics by industry
- 98% of all IoT device traffic is not encrypted – exposing personal and confidential data on the network.
- The healthcare industry holds the most expensive costs of a cybersecurity attack, amounting up to $7.13 million. (IBM)
- 50% of IoT devices on corporate network security organizations don't maintain basic security measures beyond default passwords.
- Among the top malicious app categories are lifestyle with 15% and entertainment at 7%. (Broadcom)
- The healthcare industry was the most targeted industry, taking into consideration both volume (69%) as well as complexity (67%). (Sophos)
- Security incidents including IoT devices have impacted 67% of enterprises (Forrester)
- The healthcare industry suffered 212 data breaches in 2021. (HIPAA Journal)
- One out of 36 smartphones has a high-risk app installed. (Broadcom)
- The most common cyberattacks on small businesses are the following: Social Engineering/Phishing 57%, Stolen/Compromised Devices 33%, Credential theft 30%. (Forbes)
Cybersecurity market statistics
- The worldwide healthcare cybersecurity market is expected to grow by 15% annually through 2025, hitting $125 billion. (Cybercrime Magazine)
- The predicted growth for cyber insurance between 2021 and 2028 is at 25,3% (CAGR), reaching $36,85 billion in 2028. (Fortune Business Insights)
- By 2026, the global cybersecurity market will be worth $352.25 billion. (Mordor Intelligence)
- Banks' number one cybersecurity concerns are employee-targeted phishing attacks. (CSI)
Cybersecurity statistics by threat
- 94% of malware is delivered by email. (Verizon)
- 10% of all data breaches include ransomware. (Verizon)
- 300 000 Android users downloaded banking trojans through Google Play Store. (ThreatFabric)
- The average cost of a post-ransomware attack recovery is $2 million. (Sophos)
- Insider threats account for 43% of all breaches – some of them being unintentional, while others are intentional. (CheckPoint)
- Only 4% of businesses actually receive their stolen data after a ransomware attack. (Sophos)
- A single employee has access to 11 million files on average. (Varonis)
- Around 90% of successful cyberattacks are conducted through phishing. (KnowBe4)
- 60% of companies have around 500 active accounts with passwords without expiry dates. (Varonis)
- 57% of companies experience a phishing attack on a weekly or daily basis. (GreatHorn)
- Social engineering is the most successful data breach method.
- 37% of cyberattacks are phishing campaigns. (Statista)
Cybersecurity statistics for cybercrime and cybersecurity costs
- A hacker can obtain 1 million compromised user account credentials for as little as $25. (Fortune)
- The average annual company loss due to cybercrime is $188 400 due to cybercrime.
- If remote work is a cause for a data breach, the average breach cost is $1.07 million higher. (IBM)
- The average cost of a malware attack is $2.6 million.
- Companies applying the zero-trust policies have $1.76 million less in cybersecurity costs than organizations without the mentioned approach. (IBM)
- A ransomware attack occurs every 14 seconds. (Cybercrime Magazine)
- Lost business costs due to a data breach can cost a company $1.59 million on average. (IBM)
- A cyberattack occurs every 39 seconds. (University of Maryland)
- Averaging at $5.9 million, the most expensive cyberattack component is information loss. (Accenture)
- The worth of the ransomware industry in 2021 was $14 billion. (Judge)
- 32% of ransomware victims pay the ransom while only retrieving 65% of their data back.
- By 2025, the worldwide cybersecurity costs due to cybercrime will hit $10.5 trillion. (Cybersecurity Ventures)
- 1 out of 10 small businesses falls vicitim to a cyberattack. (Insurance Information Institute)
- The expected global cost of ransomware attacks is to hit $265 billion by 2031.
- Most business leaders think that their company does not have adequate tools to defend itself against cyber attacks.
- IoT devices can be compromised moment after being connected to the internet, more precisely, in less than a minute.
- Despite the growing concern regarding cybersecurity, the most common user password is still 123456.
- A company experiencing a data breach is not only suffering financial losses but reputational as well.
- Four out of ten companies hold more than 1000 unsecured sensitive files on their servers.
- Cybersecurity takes on five forms: network security, protecting critical infrastructure, computer applications, IoT security, and colud security.
- On average, there are 26 000 cyberattacks per day. (Forbes)
- One out of three user accounts on the internet is considered stale.
For more cybersecurity related topics visit our blog section.