Cybersecurity issues are becoming a common nightmare for businesses.
The latest cybersecurity statistics and trends show that the COVID-19 pandemic has only increased cyber crime because of remote work.
Research by IBM shows that the average cyber attack takes 280 days to find and contain. The average cyber-attack also costs companies about $3.86 million to deal with.
Simply put – Cyber-attacks cost a lot of time and money to deal with.
The best way to prevent data breaches and cyber-attacks is to be prepared.
The following cybersecurity statistics will:
What Will I Learn?
Did the COVID-19 pandemic really affect cybersecurity?
Short answer – Yes.
Cybercrime is up 600% due to COVID-19.
Why did the pandemic affect it so much?
As companies switched to remote work, it was more difficult for them to keep a firm grip on their security needs. And it cost them big time.
Remote work has increased the average data breach cost by $137,000.
20% of managers said they faced a security breach due to a remote worker.
Worse than that, 18% of managers said cybersecurity wasn’t a top 5 priority for their remote working employees.
But that doesn’t necessarily mean that only employees are to blame…
44% of companies did not provide specific training that focused on potential cybersecurity issues that can occur while working from home.
This could be a big reason remote workers were unprepared during the pandemic.
One of the most notable cybersecurity breaches came from Zoom.
Zoom user statistics show that Zoom grew significantly during the COVID-19 pandemic. In 2021, they had over 300 million daily active users and had grown by 2,900%.
Unfortunately, Zoom was also hacked in 2020. Over half a million (500k) Zoom user accounts were compromised and sold on the dark web.
This is just one example of the increasing cybersecurity issues and the effects that they can have on people and companies.
Hackers make cyber attacks all the time.
In fact, on average a cyber attack is performed every 39 seconds worldwide. That means there is an average of 2244 cyber attacks per day.
But just because there are thousands of attacks every day doesn’t mean every attack is successful. The truth is most of them aren’t.
There were 11,762 recorded cybersecurity data breaches between January 1, 2005 and May 31, 2020.
That means that well over 99.9% of all cyber-attacks are stopped.
This is because the cyber security industry is very good at preventing data breaches and there is generally more awareness around the issues.
The average annual security spending is $2,691 per employee. Bigger companies are the ones that usually go the extra mile to prevent any data breaches.
This can include:
The number of actual data breaches compared to the number of cyber-attacks are minimal, but when they do occur…
It causes a lot of problems.
The average cyber attack takes 280 days to identify and contain.
And it costs an average of about $3.86 million to deal with properly. That’s not even including all of the records and files that get exposed.
Data breaches exposed 36 billion private records in the first half of 2020 alone.
The biggest issue with data breaches is that they can seem endless. Even after containing the initial threat, the headache it causes for companies can last years.
What are the biggest causes of cybersecurity issues?
Short answer: Humans.
Over 95% of cybersecurity breaches occur as a result of human error.
The truth is that the weakest part of any company’s cyber security is the people. Cybersecurity software has been proven to work effectively again and again.
It’s simple mistakes such as:
…That can create cybersecurity issues.
Email is one of the worst offenders.
94% of malware is delivered by email.
Big email providers like Google and Microsoft have been improving their spam protectors to stop dodgy emails containing malware.
But Google statistics also show that about 50% to 70% of all emails sent and received in Gmail are unsolicited!
The big problem for companies is what happens when there is a data breach or cyber security issue. On average, only about 5% of a company’s folders are properly secured.
Even a small breach in online security can lead to tons of data and files being stolen.
As you can see, cybersecurity is a big issue now and will continue to be an issue that requires significant attention in the future.
But the question is…
Where do these attacks come from?
Pay attention to the following cybersecurity statistics to learn how to protect yourself from attacks.
48% of malicious email attachments are in the form of office files.
This means that popular office formats such as Word, PDF and Excel are all file extensions cybercriminals use when sending malware and viruses by email.
Microsoft Office format extensions such as .doc or .xls are the most popular extensions, accounting for 38% of email malware.
The next most popular delivery method is archived files including .zip and .jar. These account for about 37% of malicious email transmissions.
It makes sense right…
Employees use these files daily, so they are much more likely to click on them even if it’s a spam email. 34% of all data breaches involved internal actors.
What does that mean?
Over ⅓ of all internal employees did something that created the breach.
65% of hackers used spear-phishing as the primary infection method.
“Spear phishing” is a type of phishing campaign that targets specific people or groups.
It often includes some sort of information that the hacker knows will be of interest to the target audience.
How effective are phishing attacks?
$17,700 is lost every minute due to a phishing attack. That equates to over $1.06 million per hour and over $25 million per day.
To say that phishing attacks are effective is an understatement.
Some industries are affected by cyber attacks more than others.
These next cybersecurity statistics detail specifically who is affected by cyber-attacks and why they are.
Small businesses with 1-205 employees are targeted most by cybercriminals.
About 1 out of every 323 emails a small business receives is malicious. This means small businesses have the highest malicious email rate of any industry.
A total of 43% of all cyber-attacks are aimed at small businesses directly.
47% of small businesses said they have experienced at least 1 cyber attack in the past year. 44% of those small businesses have experienced 2 to 4 cyber attacks over the last year.
Why do cybercriminals target these small businesses?
Because they are an easy target that aren’t appropriately prepared. A massive 70% of small businesses are unprepared to deal with a cyber-attack if it occurs.
That’s more than ⅔ of small businesses that are considered very vulnerable. And they are concerned about it:
Despite the concern and known risks of cyber attacks, motivating small businesses to take action to improve their cyber security is a challenge.
51% of small businesses say they are not allocating any budget to cyber security at all.
That is quite possibly the scariest cyber security statistic in this article.
It means about half of small businesses won’t do anything extra to protect themselves or their business from cyber-attacks…
Even if they know the risks.
Manufacturing as an industry has been experiencing an increase in financially motivated cyber-attacks and data breaches in the past couple of years.
Most of the attacks involve email phishing and using stolen credentials.
Manufacturing companies account for nearly 25% of all ransomware attacks.
Web applications, privilege misuse (stolen credentials) and cyber-espionage account for 71% of the manufacturing breaches.
68% of all cybersecurity attacks on the manufacturing industry are financially motivated.
The biggest problem for the manufacturing industry as a whole is that cybersecurity seems to be one of the weakest of any sector.
75% of all attacks on the industry are external.
Companies need to:
Otherwise, they will continue to be an easier target for criminals.
Healthcare is another industry that is consistently targeted by cybercriminals.
93% of all healthcare organisations have experienced data breaches in the past 3 years.
This could be because only 16% of healthcare providers report having “fully functional” security programs in place.
That means about 5 out of 6 healthcare providers don’t have solid and functional cyber security in place. It makes sense then that breaches are incredibly high.
43% of healthcare companies admitted that they either:
Clearly, cybersecurity issues are a known problem in the healthcare industry, but organisations aren’t doing enough to protect the company.
But here is why healthcare stands out the most:
Most breaches are associated with internal actors. 81% of healthcare cyber security incidents are primarily because of employee negligence.
Unlike the manufacturing industry, where most attacks are external, healthcare faces primarily internal attacks.
Unfortunately, internal cybersecurity attacks are harder to deal with.
It’s estimated that the healthcare industry lost about $25 billion due to ransomware attacks in 2019 alone.
Data breaches cost companies and businesses a lot of money.
The average cost of a data breach is $3.86 million.
This doesn’t include the long-term impacts it can have on a:
In the worst cases, data breaches can put companies out of business.
Remote workers have been a big target for cybercriminals. It’s easier to isolate remote workers who haven’t implemented appropriate security in their personal homes.
What’s the result?
Remote work has caused an average cost of a breach to increase by $137,000.
That’s a big jump. The average cost per lost (or stolen) record works out to be about $146 per person.
Data breaches and cyber-attacks cost companies and people a lot of money.
As you can see…
Cybersecurity is a big issue for most-
To meet the increase in cyber-attacks and data breaches, there are more investments in cybersecurity than ever before.
These are the cybersecurity statistics you need to know about how big the industry is.
Revenue in the cybersecurity industry worldwide is projected to reach $146.32 billion in 2022. In 2021 the industry was worth $133.11 billion.
The cybersecurity market is broken down into 3 sectors:
This is the growth by revenue of each of the sectors over the last 3 years:
IT Services is the most significant sector in the cybersecurity industry generating $62.03 billion in revenue in 2021.
Experts predict that the average cybersecurity spending per employee will reach $42.52 in 2022.
There’s no question that cybercrime will reach an all-time high this year.
The cybersecurity statistics above show that most:
…are NOT prepared for the rising activity in cyber threats and data breaches.
As the remote work trend continues to grow, criminals have more opportunities to make successful attacks.
The cost that companies have to endure due to cyber-attacks and data breaches are only increasing.
Want more statistics posts? Take a look at these blogs: