Reading Time: 7 minutes

Cybersecurity-facts-and-stats

The cybersecurity industry is growing at a rapid pace. Within a few years, it would become more profitable than the illegal drug trade.

Cybercrime causes more damage than anyone could imagine. By 2021, cybersecurity damages are expected to reach $6 trillion and it’s more than enough to cripple any economy.

Nikola Telsa was the first person to give an idea of a ‘world wireless system’. Back in the day, the internet was fun. But today, the internet has become a dangerous place. Here is a collection of 46+ must-know cybersecurity stats and facts.

The cybersecurity stats that I will be going to cover is based on:

Data Breaches

Data-breach

1. On average, there are 2,244 cyberattacks every day by hackers. This means, after every 39 seconds there is a new cyberattack on computers. (University of Maryland)

2. 5 of the biggest data breaches ever in the history of mankind include companies such as Yahoo, First American Financial Corp, Facebook, Marriott International, and Friend Finder Network with a combined number of records affected i.e. 5,877 Million. (CNBC)

3. The global average cost of a data breach is $3.92 Million (2019) which has increased by 1.5% since 2018. A growth of 12% from 2014 to 2019. (Security Intelligence)

4. Yahoo faced a massive data breach to date where 3 billion Yahoo accounts were affected in 2013. If that wasn’t enough, Yahoo faced another setback that affected 500 Million accounts. (NY Times)

5. 145 was the average number of security breaches that mean (+11%) increase since last year and (67%) increase since the last 5 years. (Accenture)

6. It took an average of 206 days for US companies to find a data breach. The previous year was 201 days, so there’s a slight increase. (IT Governance USA)

7. 43% of all Cyberattacks targets small businesses. These cyberattacks include (64%) web-based attacks, (62%) phishing attacks, (51%) denial of service attacks, and (59%) malicious codes. (Cybint Solutions)

8. Large scale cyber attacks are considered as the top 5 global risks that could destabilize the world economy. (World Economic Forum)

9. 279 days is the average time to identify and contain a breach. (IBM)

10. Uber paid $100,000 to hackers to delete stolen data of 57 Million people. When the news broke out, Uber admitted that it would have revealed the data breach to regulators soon. Uber then ousted CSO and one of his deputies from their role. (Bloomberg)

Cyber Crimes and Cyber Attacks

cyber-attacks

11.   92% of all the malware are delivered by email (PurpleSEC)

12. There is an 80% increase in new malware on Macs and a 92% increase in new downloader variants. (Symantec)

13. 46% increase in new ransomware variant and a total of 5.4 BillionWannaCry attacks blocked. (Symantec)

14. 21% of the cyberattacks are originated from China, 11% from the United States, 7% from Brazil, and 6% from Russia. (Symantec)

15. 34% of the cyberattacks involved internal actors. (Verizon)

16. 71% of the data breaches and cyberattacks are motivated by financial gains while 25% of the breaches were motivated by the gain of strategic advantage. (Verizon)

17. The average cost of a ransomware attack is $133,000. It covers the cost of ransomware demanded and the cost of downtime. (Safe At Last)

18. It is predicted that businesses will fall victim to a ransomware attack every 11 seconds by 2021. (Safe At Last)

19. Large-scale DDoS attacked increased by 500%. (Cybint)

20. 24,000 is the average number of malicious mobile apps are blocked each day. 27% of these apps belong to the Lifestyle category and 20% belong to Music and Audio. (Symantec)

21. 69% of organizations do not believe that online security threats can be blocked by their anti-virus software. (Ponemon Institute)

22. Health Industry is the most affected by cyberattacks. (Ponemon Institute)

23. Countries that are highly affected by ransomware attacks are the United States (18%), China (12%), and Japan (10.7%). (Symantec)

24. A total of 90% of remote code execution attacks are associated with crypto mining. (CSO Online)

25. 1 in 13 web requests lead to malware which has increased 3% from 2016. (Symantec)

Cybersecurity Damages, Cost, and Spending

cybersecurity-damages-and-cost

26. Cybersecurity damages are expected to reach $6 Trillion by 2021. (Cybercrime Magazine)

27. The cost per stolen record in the US is $150. That is a decrease from an all-time high of $158 per stolen record in 2016. (Statista)

28. The Healthcare industry had the highest data breach cost of $429 per record. (IBM)

29. Financial institutions spend $2,300 on average annual security spending per employee. (PR News Wire)

30. If your organization is impacted by a data breach, 67% of costs occur in 1st year, 22% of costs in the 2nd year, and 11% of the cost after 2 years. (IBM)

31. Extensive use of encryption reduces the cost of a data breach by an average of $360,000. (IBM)

32. One major contributor to the cost of cyberattacks is information loss which is at $5.9 Million. (Accenture)

33. The US and the UAE spend the highest amount on post-data breach. (Ponemon Institute)

34. Share prices fall by 7.27% on average after a breach. (Cybint)

Cybersecurity’s Impact on Jobs

Cybersecurity-jobs

35. 82% of companies report having a shortage of cybersecurity skills. (ISSA)

36. 61% of employers believe that a cybersecurity certificate is far more useful for getting a job than for doing a job. (ISSA)

37. The unemployment rate in cybersecurity is 0% and is expected to remain the same by 2021. (ISSA)

38. By 2021, it is predicted that all of the large companies will have a Chief Information Security Officer (CISO) position. (Cybersecurity Ventures)

39. Cybersecurity job growth is expected to rise by 37% from 2012 to 2022. (Monster)

40. An estimated 500,000 companies across Europe have registered DPOs. (IAPP)

Cybersecurity Compliance Statistics

GDPR-compliance

41. 88% of Companies spend $1 million or more while preparing for GDPR. (CSO Online)

42. 69% of Companies believe that mandatory compliance is mostly driving their spending. (CSO Online)

43. Google was fined $57 Billion for GDPR violations by CNIL when it comes to transparency and consent. (Tech Crunch)

44. GDPR is costing an average Fortune 500 company a sum of $16 million. (Forbes)

45. By the end of 2018, there were only 50% of companies believed that they were GDPR compliant. (Data Center Frontier)

46. In its first year, GDPR fined a total of $63 million. (GDPR)

47. After the implementation of GDPR, 31% of consumers believe their overall experience with companies has improved. (Marketing Week)

48. Big sport-related events such as the Olympics, UEFA, Wimbledon, and others are relying on Augmented Reality to innovatively bring exclusive content and fun engagement to spectators. (ARVR Tips)

Global VPN Usage Increased by >20% amid Coronavirus Outbreak

As the impact of COVID-19 spreads globally, VPN usage is on the rise. ExpressVPN, a leading consumer VPN provider, saw average global usage of its service increase by 21% since end-of-February, with strong double-digit growth coming from Europe and North America regions.

Growth in Europe:

vpn-usage-growth-in-europe

Growth in North America:

VPN-growth-in-north-america

In the Asia Pacific, by contrast, the growth rate of VPN usage is slightly slower likely because it has been experiencing the effects of COVID-19 since January.

The only exceptions are the Philippines and Malaysia, that have been imposing stricter lockdown measures in the last few weeks and experiencing above-average growth in consumer VPN usage.

VPN usage growth in Asia:

vpn-usage-growth-in-asia

“We are seeing strong demand in our services as more people spend more time indoors and employees around the world telework. Beyond using a VPN, we encourage users to practice good cybersecurity habits while working remotely,” said Harold Li, vice president, ExpressVPN.

A chart combining various regions’ consumer VPN usage growth can be found here:

global-vpn-usage-growth

What Cyber Security Experts have to Say about Cyber Security Challenges in 2020…

Here are some of the opinions of cybersecurity experts and tech experts about cybersecurity challenges in 2020 and beyond:

“Americans no longer trust Big Tech after they have repeatedly been caught abusing user data. People want to see an end to tech companies trampling on our right to privacy and to take back control of their data.”

“There’s no federal data privacy law in the U.S. that governs the activities of big tech companies, despite 56% of Americans believing otherwise”

Harold Li – Data Privacy and Security Expert at ExpressVPN

“Preventing downtime and quickly getting systems back online is paramount during a security breach, which can quickly cost a company millions. This becomes even more challenging as businesses push networks to the edge and users up to their data usage”

“Preventing losses requires a network resilience plan, including solutions like smart out-of-band management, to quickly monitor and recover if the data plane is breached and the primary production network goes down”

Marcio Saito – Chief Technical Officer at Opengear

“As a direct result of the coronavirus outbreak, thousands of businesses in the US and around the world are forced to stand up remote access for their employees; this is being done quickly and under pressure. It’s difficult for anyone to do their best work under a time crunch with a pandemic breathing down your neck,  and IT staff are no different. Mistakes and misconfigurations will be made, and that will leave the door open for hackers”

David Kruse – Cybersecurity Expert at Tetra Defense

“Ransomware will become one of the biggest threats in 2020, particularly as it becomes less randomly sprayed at consumers, but as attackers sharpen their aim directly at local government, health-care organizations and SMBs. Attackers will continue to automate ransomware, which is profitable repeat business.”

Daniel Goldberg – Security Research Expert at Guardicore

“The most common types of cyberattacks in 2020 will be those that utilize the human factor in cybersecurity.  What do I mean by that?  We’re going to continue to see an uptick in phishing and whaling attacks, the use of deep fake materials, and social engineering”

“Companies must implement robust information security training programs to educate everyone (from the C-Suite down) on these types of attacks”

Tom DeSot – EVP and Chief Information Officer at Digital Defense

“Phishing attacks, ransomware attacks, and IoT attacks are becoming the main problems in cybersecurity. Phishing attacks are becoming more sophisticated these days. hackers are using machine learning to quickly generate and distribute convincing fake messages under the assumption that recipients will accidentally compromise their organization’s systems and networks”

“Companies are constantly using stronger security measures to protect against ransomware attacks. IoT attacks are also a key concern because once hackers get control of your device, they will be able to lock down essential equipment and also overload networks just for financial benefits”

Kenny Trinh – Editor at Netbooknews

“Electronic Medical Records & Smart Medical Devices –   The health care industry is only just moving into the digital age, with this are concerns around privacy, security and cybersecurity threats. We have already seen the NHS get hacked with WannaCry which cost them over £92m”

Mandee Rose – Privacy Expert at TheVPNShop.com

“A new cybersecurity challenge has come up now that manufacturing companies are employing smart supply chains that leverage IoT and big data management. By employing AI systems and robotics, these supply chains are virtually automated, making their data a potential target for hackers. Unauthorized access to data on these systems could wreak havoc on the supply chain, which could lead to thousands of dollars in losses”

Jovan Milenkovich – Co-founder of Kommando Tech

Cyber Security Challenges According to David Lee Djangmah

David Lee Djangmah is an American security researcher, futurist, technologist, strategist, lawyer, consultant, and the one who has survived 70 days lockdown in China due to Coronavirus outbreak. 

Here’s what he had to say about Cyber Security challenges:

Due to heavy-handed Mainland Chinese censorship/cover-up, #iTHiNKLabs, like everybody else missed the COVID-19 (Novel Coronavirus) threat when the original Guide was drafted.

More than InfoSec, COVID-19 will dominate cybersecurity for the rest of 2020. Sadly, the great equalizer here is that InfoSec snobs treated COVID-19 as non-computer security-related until they, their customers or buddies had to work from home, which reflects a lack of risk maturity shared with C-Suite that I’ve often warned against.

Computer security is NOT just about tech. The Mainland Chinese get it. The West doesn’t. IT Security didn’t factor in remote work challenges early on when #iTHiNKLabs started covering Coronavirus because they assumed it was the non-tech and political issues rather health security issues with cybersecurity implications lost time just like political leaders who squandered time.

Currently, millions of orders are being canceled in China and around the world. The Coronavirus pandemic will kill businesses, cost the world economy trillions of dollars, shift the global order, induce a global recession (depression likely), and derail tech careers.

Nevertheless, the net positive is that simultaneously, the pandemic will advance VPN Security (consumer AND enterprise), Zero Trust and Cloud Security generally, as well as WiFi Security, while freeing up of enterprise IT/cybersecurity budget.

Nevertheless, from a business survival standpoint, startups and small businesses are most at risk, although now is a good opportunity to stress test remote work feasibility across the board.

You can find Djangmah on Twitter and on #iTHiNKLabs since he is a co-founder and Editor-In-Chief there.

Key Takeaways

There are so many cybersecurity threats lingering on the horizon, but it is very little we can do to protect our online security. Extensive use of encryption is one way that can reduce the cost of data breaches by $360,000.

Despite that fact, hiring CISO and DPO in your organization who can implement strategies to protect information assets and to prevent any breach of data seems to be a good strategy.