Posted On: Mar-2023 | Categories : Information and Communication Technology
The demand for data protection from cybercriminals is fulfilled through the constantly changing cyber security market. It provides various solutions to help businesses protect themselves from online threats like Malware, viruses, hacking, data leaks, and other types of online crime.
The market for cyber security in 2021 was worth USD 216.10 billion, and by 2030 it will reach USD 478.68 billion, at a 9.5% CAGR during the forecast period.
Over 65,000 vulnerabilities were found by ethical hackers in 2022, a 21% increase from 2021.Nearly 2,200 cyberattacks occur each day, with one cyberattack occuring every 39 seconds.
Organizations are choosing a wide range of services provided by cybersecurity vendors. They include network security technologies, endpoint security options, identity access management (IAM) systems, cloud security services, and software tools for threat & incident response. Also, many businesses are spending money on artificial intelligence (AI)-based solutions that can automate tasks like looking for intrusions into networks or spotting suspicious activity on network-connected devices.
The increasing digitization of several sectors, including finance, healthcare, and manufacturing, has given hackers a new opportunity to target weak points of any organization. As a result, companies are making investments in cybersecurity solutions to safeguard themselves against these threats.
Cybercrime can have an impact on a corporation for several years. The costs involved with cyber assaults, like litigation, insurance rate rises, criminal investigations & bad press can put a company out of the market very quickly.
Investment fraud became the most expensive type of cybercrime in 2022, with an average loss of $70,811 per victim.
In the US, people suffer total losses of more than $10.2 Bn due to cybercrime in 2022. Given that there were 5% less complaints in the US in 2022 than there were in 2021.
In 2023, eCommerce fraud will cost the retail industry USD 48 billion globally.
Businesses will lose $343 billion to online payment fraud between 2023 and 2027.
The cost of cybercrime will reach USD 8 trillion in 2023 & USD 10.5 trillion by 2025.
By 2023, more than 33 billion records will be stolen, a 175% increase from 2018.
System misconfiguration (6%), stolen/lost devices or records (9%), inadvertent disclosure (11%), network intrusion (34%), and phishing (40%) are the most common cyber attacks experienced by US businesses.
Industries like the public sector (4,346 instances), the professional sector (1,168 instances), manufacturing organizations (465 instances), information firms (420 instances), and healthcare enterprises (206 incidents) were most actively attacked by malware attacks in the year 2019.
SaaS (36%), financial institutions (20%), payment gateways (12.4%), social media networks (11.2%), e-commerce (8%), logistics (4.2%), and cloud storage (3.3%) are the online sectors most frequently targeted by phishing assaults.
The data breach cost increased from $3.86 million to $4.24 million in 2021.
In the USA, there are 30 million SMBs, and more than 66% of them experienced at least one cyberattack between 2018 and 2020. More than half of all cyberattacks target SMBs.
Maintaining a high security level includes making employees understand how security affects their day-to-day activities. Security awareness training is a crucial element of security strategy of any company. According to Accenture's "State of Cybersecurity Resilience 2021" report, the cost of data breaches will rise from $3 trillion per year to more than $5 trillion by 2024.
Recent revelation by "Hiscox Cyber Readiness Report 2022," states that a single attack, be it a data breach, ransomware, Malware, or DDoS attack, cost enterprises in the United States a median of $18,000 in 2022, up from $10,000 in 2021, with 47% of all U.S. businesses experiencing a cyber attack in some form.
In 2022, the average overall cost of data breaches was $4.35 million. Breaches in the healthcare industry were most expensive at $10.10 million on an average. With USD 9.44 million, breaches in the United States were the most expensive.
For the year 2023, the U.S. government has allocated USD 10.89 billion for cybersecurity spending. The Department of Homeland Security will receive approximately USD 2.6 billion in 2023.
Cybercrime had an impact on 53.35 million US people in the 1st half of 2022.
One in five internet users were impacted by the exposure of nearly 1 billion emails in a single year.
In 2022, 39% of UK companies said they had experienced a cyberattack.
One in ten US businesses do not have any protection against cyberattacks.
In 2022, cybercrime will cost UK firms an average of £4200.
With 20% of all attacks reported, server access attacks were Asia's most common attack type, followed by ransomware (11%) and data theft (10%).
Ransomware was the primary attack type in Europe, constituting 26% of all attacks. The next most frequent attack types were server access (12%) and data theft (10%) attacks.
With 30% of attacks in North America, ransomware was also the most common attack, followed by server access attacks (9%) and business email compromise (12%).
In the Middle East & Africa, server access attacks accounted for 18% of all attacks, with misconfiguration accounting for 14%.
Ransomware being the most common type of attack in Latin America, accounting for 29% of all attacks.
The estimated cost of data breaches every hour has grown globally. The hourly loss rate reached $787,671 in 2021.
The amount spent to safeguard businesses from data breaches has increased significantly due to improvement in the security structures of the organizations. Businesses have spent $4.35 million on an average in 2022 to protect themselves from data breaches, up from $4.24 million in 2021.
In 2013, Yahoo & its 3 billion users were the prey of a breach in which all databases of users like birthdate, name, addresses, phone numbers, and passwords were exposed. As a result, it lost nearly USD 350 million and lost the majority of its users. It is considered as one of the largest data breaches of the 21st century.
Twitter experienced a data breach that impacted millions of users across Europe and the United States.
On October 12, 2022, the carding marketplace Biden Cash exposed the details of 1.2 million credit cards for free.
Australian telecommunications company "Optus" experienced a severe data breach on September 22, 2022, that exposed the identities of nearly 11 million customers.
A hacker uploaded a data set containing current personal information for 487 million WhatsApp users to BreachForums on November 16, 2022.
On October 13, 2022, Australian healthcare and insurance provider Medibank experienced a data leak, resulting in the theft of the personal information of 97 million people.
A data breach on LinkedIn in 2021 revealed the personal details of 700 million users, or roughly 93 percent of all LinkedIn members.
In March 2021, an attack on Microsoft affected over 30,000 organizations in the United States, including businesses and government agencies.
Cyberattacks are diverse, and new forms of Malware are revealed every day. Phishing, Malware, ransomware, social engineering, and distributed denial of service attacks are some of the most common attacks.
The fastest-growing cybercrime is ransomware, which is a top choice for hackers. By the end of 2021, losses were 57 times greater.
In 2022, ransomware attacks rose by 41.5%. In the first half of 2022, nearly 236.1 million ransomware attacks happened.
The average cost of ransomware damage in 2021 was USD 20 billion, and is 57 times greater than in 2015.
2020 marked the first ransomware incident on a German healthcare facility that failed its entire IT systems.
Despite an 82% detection rate, only 18% of organizations blocked at least one type of ransomware in a year.
Annually, 51% of businesses are affected by ransomware attacks.
In North America, sectors like corporations (41%), municipality (15%), Healthcare (12%), education (12%), infrastructure (11%), travel (5%), and financial (4%) were the prey of ransomware attacks in 2021.
323 972 online users reportedly fell for phishing scams in 2021.
1 in 5 internet users had nearly 1 Bn emails exposed in 2021 due to the rising rate of phishing attack.
Phishing attack typically cost victims an average of USD 136.
In 2022, phishing attacks rose by 61%.
In the Q3 of 2022, there were nearly 3 Mn phishing attacks.
In 2020, phishing was the most frequently reported issue by individuals and corporations, leading to a loss of USD 1.8 billion in revenue.
Phishing instances doubled from 114,702 instances in 2019 to 241,324 instances in 2020. In comparison to the year 2016, there were 11 times more phishing complaints registered in 2020.
Phishing has replaced Malware as the most common category of attacks since 2016. Furthermore, approximately 147,221 new phishing sites were found in 2020.
As of January 2021, Google had recorded 2.15 million phishing sites, an increase from 1.7 million in January 2020. Additionally, Facebook and Google lost nearly USD 100 million due to phishing attacks in 2020.
The US organizations were the main target, with 84% of phishing attacks in 2018, followed by Canada (5.2%) and France & China (3.2%) in the same year.
In 2020, businesses like Webmail providers and Software as a Service (SaaS) firms (35.2%), Institutions of finance (19.8%), Paying services (12%), websites for social media (11.5%), and E-commerce companies (8.2%) were affected by phishing attacks.
More than 1,506 data breaches occurred as a result of data phishing attacks, affecting 164.68 million records. This is a 19.8% rise from the 1,258 breaches in 2018.
Google (12%), Amazon (14%), WhatsApp and Facebook (8%), Windows (6%), Apple (3%), Netflix (2%), and PayPal (3%) are the companies that frequently imitate phishing attacks.
In 2023, there were 300,000 new malware instances created every day, 92% were disseminated by email.
Malware has infected 4.1 million websites.
Additionally, WordPress plugins are used in 97% of all website security breaches.
Cryptojacking increased by 43% in 2022, while IoT malware increased by 87%.
The United States has the highest rate malware attacks with a total of 2.68 billion attacks, followed by UK with 432.9 million attacks, & India with 335.4 Mn attacks in 2022.
Types of Security
In 2021, the market for cloud security was USD 29.24 billion, and by 2029 it will reach USD 106.05 billion at a 18.1% CAGR.
Nearly 55% of businesses have adopted multiple public clouds. Hacking of accounts (51%), insecure interfaces (51%), unauthorized access (58%), and misconfiguration of cloud platforms (790%) are the top security challenges of the public cloud.
From January – April 2020, external attacks on cloud accounts grew by 630%.
Industries like Technology (42%), healthcare (18.5%), government (12%), hospitality (5.5%), finance (7%), and others (16%) faced issues due to cloud misconfiguration.
79% of businesses desire stronger control and security for their cloud-based data. CASBs, or Cloud Access Security Brokers, can assist companies in achieving this objective.
Finding and fixing software vulnerabilities (30%), identifying non-compliant workload configurations (27%), Recognizing setup security groups (26%), Finding sensitive data residing in the public cloud (22%), and Third-party access to data stored on the public cloud (20%) were prioritized by enterprises in 2019 to increase security visibility for the use of public cloud services.
Observance (50%), Adaptation to the present IT landscape (38%), and Concern for becoming overly dependent on the supplier (32%) were the main security risk of cloud services in 2019.
Adopting Zero Trust technology can address growing security weaknesses, but most businesses are still in the early stages of implementation. Nearly 36% of organizations have adopted Zero Trust solutions.
According to a survey of nearly 1,300 network security professionals, 43% of them identified "identity and Access Management" as the first task to address as they begin the transition to zero trust, followed by Network Security (20.8%).
In the future, 78% of IT security teams will adopt zero trust network access. 15% organization already have zero trust, and 19% are actively implementing it. Nearly half of the enterprise IT security teams (47%) lack confidence in providing zero trust with their present security technology.
62% of organizations say securing access to private apps distributed across the data center and cloud environments is their most difficult application security challenge. The next step to reduce the number of private apps accessible via the internet (52%), followed by increasing user activity visibility (50%).
In 2021, 50% of all websites had at least one severe issue.
Malicious web application requests increased by 88% between 2020 and 2021. In 2020, attacks through DDoS increased by 37%.
Broken access control and injection attacks accounted for more than 75% of web application attacks, while requests for web applications increased by 88%. Furthermore, SaaS vendors were responsible for more than 28% of web application attacks.
Sensitive data breaches posed a risk in 68% of web apps. According to some statistics, there is a 47% likelihood of breaches involving personal data and a 31% chance of involving credentials.
Of all e-commerce sales, mobile commerce accounts for 72.9%. Nearly 42% of businesses claim that mobile app and web application flaws caused security incidents.
Based on the research of more than 1.3 million iOS and Android apps, nearly 14% of the apps utilizing public cloud backends had misconfigurations that revealed users' personal information. In 2021, 30% of the zero-day vulnerabilities targeted mobile devices, and it increased by 466% in the same year. Moreover, 75% of the assessed phishing websites particularly targeted mobile devices.
Phishing emails intended to steal passwords (52%), Malware on a device's command and control traffic (25%), and Accessing URLs or webpages that are affected (23%) are the most typical examples of malicious network traffic from devices.
By 2025, businesses will spend up to $15 trillion on IoT. Up to 152,000 IoT devices will connect to the internet every minute by 2025. In the US, 44% of businesses have embraced IoT.
With a CAGR of 21.38%, annual global spending on security measures for IoT networks increased from $91 million in 2016 to $631 million in 2021.
Data security challenges connected to a lack of competent employees are the most important concern for 32% of companies implementing IoT ecosystems globally.
More than 1.5 billion IoT breaches occurred between January and June 2021, most of which involved the telnet remote access protocol. Due to the pandemic, the statistics on Internet of Things hacking are increasing rapidly.
In 2021, the global market for blockchain solutions reached USD 6.6 billion.
Global investment in blockchain technologies will reach $11.7 billion by 2022 and will expand at a rate of 85.9% from 2022 to 2030.
Data security and privacy, according to 68% of CEOs, are the areas that need the most improvement to encourage the implementation of blockchain technology.
Several blockchain systems have been affected by 51% of attacks, in which hackers seize more than half of the network's computational capacity.
Cryptocurrency theft increased, with approximately $3.2 billion worth of cryptocurrency stolen in 2021, a 516% increase over 2020. In 2021, the IRS Criminal Investigations reported that it had seized cryptocurrency totaling more than $3.5 billion as a result of non-tax investigations.
In 2021, using DeFi protocols was the most popular method of stealing cryptocurrency. DeFi alone was responsible for $1.4 billion of total crypto money lost in the previous year.
The use of DeFi protocols for money laundering increased by 1,964%, by far the largest of any protocol.
According to a survey conducted in 2021, 52% of participants think blockchain technology will have a significant impact on eliminating fraud and validating customer billing instructions.
In 2022, the global value of cryptocurrency payment transactions will increase by 70.5% to $10.40 billion. By the end of 2023, transaction value will increase by 55.4% to surpass $16 billion.
Cybersecurity Statistics By Industry Verticals
In the healthcare sector, one breach in 2022 cost an average of USD 10.10 Mn.
The market for cybersecurity in the healthcare industry will increase from $13.18 billion in 2021 to $15.70 billion in 2022.
Healthcare is the primary sector targeted by ransomware attackers. There were 125 breaches during the first quarter of 2022.
Healthcare is still the primary industry targeted by ransomware attacks.
NewYork-Presbyterian (NYP) Hospital reported over 12,000 data breaches in September 2022.
1.9 million cyberattacks have occurred in the Indian healthcare sector as of November 28.
According to Verizon's 2022 Data Breach Investigation, 282 cyber breaches were recorded, especially in the education sector, in 2022. Ransomware assaults caused almost 30% of breaches in the education sector.
In the last month of 2022, the education industry registered 80% (approximately 7.2 million) cases of Malware.
In the first half of 2017, the education sector accounted for 13% of all data security breaches, loosing approximately 32 million personal records. In March 2018, nine Iranian hackers launched a massive cyber attack on over 300 universities worldwide.
K–12 education had the highest percentage of ransom payments at 53% in 2021, according to Sophos' The State of Ransomware 2022 report, followed by the state and local government sector (49%).
The Security's Cost of a Data Breach Report 2022 by IBM states that the data breach cost in the education sector was $3.86 million.
School district IT directors consider cybersecurity as their top priority. Only 54% of districts are actively monitoring for breaches in real time, 77% do not have a full-time employee devoted to cybersecurity, and around 59% of districts still need a cybersecurity plan in place.
From 2013 to 2020, the value of cryptocurrency ransoms increased by approximately 80,000%. Financial services have 449,855 exposed sensitive files, 36,004 of which are accessible to all employees.
In 2018, the financial services sector spent $18.3 million on cybercrime-related expenses.
In 2017, the banking sector was heavily impacted by the Trojan horse virus Ramnit, which accounted for 53% of the attacks.
In 2022, 47% of SMBs experienced a cyberattack. Phishing is one of the most serious hacks experienced by small businesses. About 26% of small firms place the highest importance on cybersecurity.
In the first three months of 2022, 35,400,000 Internet attacks were detected against SMBs. The cost of a small business claim has risen to $139,000.
Nearly 52% of confirmed attacks against SMBs are the result of human error.
Till the end of 2021, around 70,000 Department of Defense contractors were CMMC compliant.
The US government has spent $15 billion on cyber security activities in 2019, a 4% increase over the previous year.
The US government's cybersecurity budget has accelerated by $583.1 million, or 4.1%, since 2018.
In terms of financial harm, the United States was the nation most severely impacted by cybercrime in 2018. According to industry experts, cyberattacks led to American government loosing around 13.7 billion dollars in 2018.
According to the Global Cyber Security Index, the United States is one of the nations with the highest contribution to cybersecurity. Government IT spending reached 88 billion dollars in 2019; by 2021, it reached 92 billion.
Federal agencies reported 13,107 cybersecurity incidents in 2018. The U.S. government was responsible for 2.1 % of all exposed records and 5.6% of data breaches in 2018.
Frequently Asked Questions -
1. How often do cyber attacks occur?
- On average, almost 1-2 hacks occur every 39 seconds.
2. How many cyber attacks were there in 2022?
- In the first half of 2022, a total of 236.1 million ransomware attacks were reported worldwide.
3. How big is the cybersecurity issue?
- Cyberattacks climbed by 125% globally in 2021, and in 2022, rising cyberattack rates continued to endanger enterprises and individuals. Several sectors, including education, research, and healthcare, were more severely impacted than any other sector.
4. What percentage of cyber-attacks are related to phishing?
-Phishing scams are responsible for around 22% of all data breaches, making it one of the most common cybercrimes. Also, phishing affected almost 83% of businesses in 2021.
5. What percent of hackers get caught?
- About 4% to 5% of hackers are caught by law enforcement each year, despite strict cyber regulations.
6. How many cyber attacks happen every day?
- Approximately 30,000 cyberattacks occur every day.
7. How often does a cyber attack occur in the US?
- In 2021, one in two American people using the internet had their account hacked. In the first half of 2022, cybercrime affected 53.35 million US individuals.
8. How many cyber attacks happen per minute?
- Nearly 2,645 cyberattack happens every minute globally.
9. What industry encounters the most cybersecurity attacks per week?
- The finance sector (226 attacks) was mostly targeted globally by web application attacks. Followed by healthcare (173 attacks) and the professional sector (164 attacks).
10. How many Americans get hacked each year?
- Every year, 111.7 million American are victims of cyberattacks.
11. Number of cyber attacks per year in the United States?
- Since 2015, the US has seen an average of 199.17 million cyberattacks annually.
12. Increment in Cyber Attacks (Percentage)
-In comparison to 2021, there was a 38% rise in worldwide cyberattacks in 2022.
13. What percent of business leaders feel their cybersecurity risks are increasing?
- Approximately 68% of business leaders feel that the cybersecurity dangers are increasing.
14. Are 43% of cyber-attacks aimed at small businesses?
- Nearly 43% of cyber-attacks are aimed at small businesses because they usually lack cybersecurity measures.
15. Do 60 percent of small businesses which are victims of cyber-attack go out of business within a span of six months?
-Yes, 60 percent of small businesses that are victims of cyber-attack go out of business within six months due to bankruptcy.
https://www.cobalt.io/blog/cybersecurity-statistics-2023
https://webtribunal.net/blog/cybersecurity-statistics/
https://connect.comptia.org/blog/cyber-security-stats-facts
https://www.techtarget.com/whatis/34-Cybersecurity-Statistics-to-Lose-Sleep-Over-in-2020
https://www.varonis.com/blog/cybersecurity-statistics
https://purplesec.us/resources/cyber-security-statistics/#Healthcare
https://financesonline.com/cybersecurity-statistics/
https://dataprot.net/statistics/cyber-security-statistics/