Cybersecurity Statistics 2023: The Alarming Truth
Cybersecurity issues are becoming a common nightmare for businesses.
The latest cybersecurity statistics and trends show that the COVID-19 pandemic has only increased cyber crime because of remote work.
Research by IBM shows that the average cyber attack takes 280 days to find and contain. The average cyber-attack also costs companies about $3.86 million to deal with.
Simply put – Cyber-attacks cost a lot of time and money to deal with.
The best way to prevent data breaches and cyber-attacks is to be prepared.
The following cybersecurity statistics will:
- Help you understand the overall state of online security.
- Give you a better idea of what it takes to protect yourself.
Table of Contents
Cybersecurity Statistics & COVID-19
Did the COVID-19 pandemic really affect cybersecurity?
Short answer – Yes.
Cybercrime is up 600% due to COVID-19.
Why did the pandemic affect it so much?
As companies switched to remote work, it was more difficult for them to keep a firm grip on their security needs. And it cost them big time.
Remote work has increased the average data breach cost by $137,000.
20% of managers said they faced a security breach due to a remote worker.
Worse than that, 18% of managers said cybersecurity wasn’t a top 5 priority for their remote working employees.
But that doesn’t necessarily mean that only employees are to blame…
44% of companies did not provide specific training that focused on potential cybersecurity issues that can occur while working from home.
This could be a big reason remote workers were unprepared during the pandemic.
One of the most notable cybersecurity breaches came from Zoom.
Zoom user statistics show that Zoom grew significantly during the COVID-19 pandemic. In 2021, they had over 300 million daily active users and had grown by 2,900%.
Unfortunately, Zoom was also hacked in 2020. Over half a million (500k) Zoom user accounts were compromised and sold on the dark web.
This is just one example of the increasing cybersecurity issues and the effects that they can have on people and companies.
Data Breach Statistics
Hackers make cyber attacks all the time.
In fact, on average a cyber attack is performed every 39 seconds worldwide. That means there is an average of 2244 cyber attacks per day.
But just because there are thousands of attacks every day doesn’t mean every attack is successful. The truth is most of them aren’t.
There were 11,762 recorded cybersecurity data breaches between January 1, 2005 and May 31, 2020.
That means that well over 99.9% of all cyber-attacks are stopped.
This is because the cyber security industry is very good at preventing data breaches and there is generally more awareness around the issues.
The average annual security spending is $2,691 per employee. Bigger companies are the ones that usually go the extra mile to prevent any data breaches.
This can include:
- Educating employees on cybersecurity
- Requiring employees to have strong passwords
- Maintaining strong internet security infrastructure
- Dark web monitoring
- Using malware and virus protectors
The number of actual data breaches compared to the number of cyber-attacks are minimal, but when they do occur…
It causes a lot of problems.
The average cyber attack takes 280 days to identify and contain.
And it costs an average of about $3.86 million to deal with properly. That’s not even including all of the records and files that get exposed.
Data breaches exposed 36 billion private records in the first half of 2020 alone.
The biggest issue with data breaches is that they can seem endless. Even after containing the initial threat, the headache it causes for companies can last years.
Causes Of Cybersecurity Incidents
What are the biggest causes of cybersecurity issues?
Short answer: Humans.
Over 95% of cybersecurity breaches occur as a result of human error.
The truth is that the weakest part of any company’s cyber security is the people. Cyber security software has been proven to work effectively again and again.
It’s simple mistakes such as:
- Visiting the wrong website
- Clicking a dodgy link
- Opening a phishing email
…That can create cybersecurity issues.
Email is one of the worst offenders.
94% of malware is delivered by email.
Big email providers like Google and Microsoft have been improving their spam protectors to stop dodgy emails containing malware.
Google says that the machine learning algorithm used by Gmail has advanced to the point that it can detect and filter out spam and phishing emails with about 99.9% accuracy.
But Google statistics also show that about 50% to 70% of all emails sent and received in Gmail are unsolicited!
The big problem for companies is what happens when there is a data breach or cyber security issue. On average, only about 5% of a company’s folders are properly secured.
Even a small breach in online security can lead to tons of data and files being stolen.
Where Do Cyber Attacks Come From?
As you can see, cybersecurity is a big issue now and will continue to be an issue that requires significant attention in the future.
But the question is…
Where do these attacks come from?
Pay attention to the following cybersecurity statistics to learn how to protect yourself from attacks.
48% of malicious email attachments are in the form of office files.
This means that popular office formats such as Word, PDF and Excel are all file extensions cybercriminals use when sending malware and viruses by email.
Did you know? Hacking and malware are probably the WORST negative SEO attacks you can face. Hackers can do subtle but damaging things to the website that affects your SEO over time.
Microsoft Office format extensions such as .doc or .xls are the most popular extensions, accounting for 38% of email malware.
The next most popular delivery method is archived files including .zip and .jar. These account for about 37% of malicious email transmissions.
It makes sense right…
Employees use these files daily, so they are much more likely to click on them even if it’s a spam email. 34% of all data breaches involved internal actors.
What does that mean?
Over ⅓ of all internal employees did something that created the breach.
65% of hackers used spear-phishing as the primary infection method.
“Spear phishing” is a type of phishing campaign that targets specific people or groups.
It often includes some sort of information that the hacker knows will be of interest to the target audience.
How effective are phishing attacks?
$17,700 is lost every minute due to a phishing attack. That equates to over $1.06 million per hour and over $25 million per day.
To say that phishing attacks are effective is an understatement.
Who’s Affected By Cyber Attacks?
Some industries are affected by cyber attacks more than others.
These next cybersecurity statistics detail specifically who is affected by cyber-attacks and why they are.
Small businesses with 1-205 employees are targeted most by cybercriminals.
About 1 out of every 323 emails a small business receives is malicious. This means small businesses have the highest malicious email rate of any industry.
A total of 43% of all cyber-attacks are aimed at small businesses directly.
47% of small businesses said they have experienced at least 1 cyber attack in the past year. 44% of those small businesses have experienced 2 to 4 cyber attacks over the last year.
Why do cybercriminals target these small businesses?
Because they are an easy target that aren’t appropriately prepared. A massive 70% of small businesses are unprepared to deal with a cyber-attack if it occurs.
That’s more than ⅔ of small businesses that are considered very vulnerable. And they are concerned about it:
- 66% of small businesses said they were very concerned about the risk of cyber security.
- 85% of small business owners said they plan to increase spending on managed security services.
Despite the concern and known risks of cyber attacks, motivating small businesses to take action to improve their cyber security is a challenge.
51% of small businesses say they are not allocating any budget to cyber security at all.
That is quite possibly the scariest cyber security statistic in this article.
It means about half of small businesses won’t do anything extra to protect themselves or their business from cyber-attacks…
Even if they know the risks.
Manufacturing as an industry has been experiencing an increase in financially motivated cyber-attacks and data breaches in the past couple of years.
Most of the attacks involve email phishing and using stolen credentials.
Manufacturing companies account for nearly 25% of all ransomware attacks.
Web applications, privilege misuse (stolen credentials) and cyber-espionage account for 71% of the manufacturing breaches.
68% of all cybersecurity attacks on the manufacturing industry are financially motivated.
The biggest problem for the manufacturing industry as a whole is that cybersecurity seems to be one of the weakest of any sector.
75% of all attacks on the industry are external.
Companies need to:
- Upgrade their security networks
- Educate employees on implementing stronger cybersecurity standards
Otherwise they will continue to be an easier target for criminals.
Healthcare is another industry that is consistently targeted by cybercriminals.
93% of all healthcare organisations have experienced data breaches in the past 3 years.
This could be because only 16% of healthcare providers report having “fully functional” security programs in place.
That means about 5 out of 6 health care providers don’t have solid and functional cyber security in place. It makes sense then that breaches are incredibly high.
43% of healthcare companies admitted that they either:
- Are still developing security programs
- Haven’t developed one at all
Clearly, cybersecurity issues are a known problem in the healthcare industry, but organisations aren’t doing enough to protect the company.
But here is why healthcare stands out the most:
Most breaches are associated with internal actors. 81% of healthcare cyber security incidents are primarily because of employee negligence.
Unlike the manufacturing industry, where most attacks are external, healthcare faces primarily internal attacks.
Unfortunately, internal cybersecurity attacks are harder to deal with.
It’s estimated that the healthcare industry lost about $25 billion due to ransomware attacks in 2019 alone.
What’s The Cost Of A Data Breach?
Data breaches cost companies and businesses a lot of money.
The average cost of a data breach is $3.86 million.
This doesn’t include the long-term impacts it can have on a:
- Company’s brand image
- Company’s sales
In the worst cases, data breaches can put companies out of business.
Remote workers have been a big target for cybercriminals. It’s easier to isolate remote workers who haven’t implemented appropriate security in their personal homes.
What’s the result?
Remote work has caused an average cost of a breach to increase by $137,000.
That’s a big jump. The average cost per lost (or stolen) record works out to be about $146 per person.
Data breaches and cyber-attacks cost companies and people a lot of money.
How Big Is The Global Cybersecurity Market?
As you can see…
Cybersecurity is a big issue for most-
To meet the increase in cyber-attacks and data breaches, there are more investments in cybersecurity than ever before.
These are the cybersecurity statistics you need to know about how big the industry is.
Revenue in the cybersecurity industry worldwide is projected to reach $146.32 billion in 2022. In 2021 the industry was worth $133.11 billion.
The cybersecurity market is broken down into 3 sectors:
- IT Services
This is the growth by revenue of each of the sectors over the last 3 years:
|IT Services |
IT Services is the most significant sector in the cybersecurity industry generating $62.03 billion in revenue in 2021.
Experts predict that the average cybersecurity spending per employee will reach $42.52 in 2022.
Wrapping It Up
There’s no question that cybercrime will reach an all-time high this year.
The cybersecurity statistics above show that most:
…are NOT prepared for the rising activity in cyber threats and data breaches.
As the remote work trend continues to grow, criminals have more opportunities to make successful attacks.
The cost that companies have to endure due to cyber-attacks and data breaches are only increasing.
Want more statistics posts? Take a look at these blogs: