Cybersecurity statistics are a lifeline for an organization's security controls because they help the organization keep pace with emerging trends. With the rise in data breaches, cybercrime, and hacking, many organizations have risen to the challenge by strengthening their security frameworks. However, some organizations remain unaware of both the financial and operational risks that cybercrime poses.
It is imperative to stay in the loop of what is happening in the field of cybersecurity worldwide if you're planning to implement better security practices. Here we've compiled a list of 50 statistics for infosec compliance, including stats across various sub-divisions, to provide you with a comprehensive understanding of the latest trends.
Human mistakes cause 95% of cybersecurity violations. (Cybint)
The worldwide information security market is predicted to touch $170.4 billion in 2022. (Gartner)
88% of organizations worldwide went through spear-phishing attempts in 2019. (Proofpoint)
68% of business executives feel their cybersecurity threats are on the rise. (Accenture)
On average, only 5% of companies' storage folders are secure. (Varonis)
Data breaches exposed 36 billion records in the first section of 2020. (RiskBased)
86% of breaches were financially motivated, and 10% were motivated by eavesdropping. (Verizon)
45% of breaches involved hacking, 17% involved malware, and 22% involved phishing. (Verizon)
Impactful Hacking Statistics
The average expense of handling a data breach is $3.86 million, estimated as of 2020. (IBM)
Analysts estimated the average time needed to identify a breach in 2020 to be 207 days. (IBM)
Additionally, it took 280 days on average for a violation to be contained after it was discovered. (IBM)
In 2020, 58 percent of breaches involved personal data. (Verizon)
Since 2018 and since 2014, security breaches have grown by 11 percent and 67 percent, respectively. (Accenture)
Ransomware and Malware Specific Statistics
In 2020 compared to 2019, the typical ransomware payout increased by 33% to $111,605 per victim. (Fintech News)
10,573 harmful mobile applications were stopped on average per day in 2018. (Symantec)
94% of malware is installed through email. (CSO Online)
A ransomware assault on a firm typically costs $133,000 to recover from. (SafeAtLast)
48% of malicious email attachments include office files.
Phishing Specific Statistics
Phishing surged in 2020 after dropping in 2019, accounting for 1 out of every 4,200 emails. (Symantec)
The main infection vector in 65% of the groups was spear-phishing. (Symantec)
1 in 13 web proposals leads to malware cyberattacks. (Symantec)
More than 80% of security incidents that have been reported include phishing attempts.
A phishing assault costs $17,700 every minute.
DDoS attacks will total 15.4 million globally by 2023. (Cisco)
In the first section of 2019, attacks against IoT devices quadrupled.
Malicious PowerShell scripts blocked on the endpoint surged by 1,000% in 2018. (Symantec)
The third most frequent IoT threat in 2018 was the DDoS worm delivered by Mirai. (Symantec)
Internal actors are responsible for 30% of data breaches. (Verizon)
IoT machines go through an average of 5,200 attacks every month. (Symantec)
Crypto mining accounts for 90% of remote code execution assaults. (Purples)
69 percent of firms don't think their antivirus software can stop the threats they are witnessing. (Cost of Data Breach Study by the Ponemon Institute)
1 in every 36 mobiles has high-risk apps installed.
Industry-Specific Cyber Statistics
The National Health Service (NHS) lost around $100 million as a result of the WannaCry ransomware assault. (Datto)
Ransomware attacks cost the healthcare sector $25 billion in 2019, according to estimates. (SafeAtLast)
In the previous three years, a data breach affected more than 93 percent of healthcare businesses.
When comparing industries, financial services has the most exposed sensitive data (352,771), followed by healthcare, pharmaceuticals, and biotech, with the highest average (113,491 files). (Varonis)
15% of breaches involved healthcare organizations, 10% the financial industry, and 16% the public sector. (Verizon)
With $18.3 million, the banking sector paid the most to combat cybercrime in 2018. (Accenture)
Financial institutions were the target of 53 percent of Ramnit attacks in 2017. (Cisco)
With an average cost of $18.3 million per firm studied, the financial services sector suffers the most from cybercrime. (Accenture)
Around 2/3 of financial services companies have over 1,000 sensitive files open to every employee. (Varonis)
Financial and manufacturing services have the highest percentage of exposed sensitive files at 21%. (Varonis)
A financial industry employee often gets access to around 11 million files the moment they walk through the door. Employees at major companies have access to 20 million files. (Varonis)
There will be no quick and definitive end to cybercrime. It is anticipated that, due to the COVID-19 pandemic, it will increase in size, scope, and sophistication over the coming years. A business should establish a culture of safety and cybersecurity to provide impenetrable protection. The following key insights may be drawn from this collection of the current year's cybersecurity statistics:
The worldwide cybersecurity industry will keep expanding significantly.
The Internet has become the emerging offenders' favored location.
Costs and losses from cybercrime are greater than those from natural disasters.
Every technological advancement tends to present cybercriminals with fresh options.
Compared to other businesses, hospitals are more susceptible to cybercrime.
The invention of bitcoin and other cryptocurrencies is being stifled by cryptojacking.
There will be an influx of jobs in the cybersecurity industry.
With this, we have reached the end of this article. These 50 statistics do not simply inform you about current developments in cybersecurity; they also serve as an eye-opener that should prompt you to strengthen your organization's cybersecurity framework.