Reading Time: 8 minutes

must know cyber security stats

The cybersecurity industry is growing at a rapid pace. With a growing number of Cybersecurity risks, damages to the global economy are expected to reach $6 trillion by the end of 2022. As expected, the graph of the cybersecurity trend is not dying down anytime soon.

Ever since the world got plagued with the CoronaVirus, the entire landscape of cybercrimes has drastically evolved. With workforces forced to work remotely due to the pandemic, businesses are yet to face a new wave of cyberattacks. Because let’s face it, most companies today have unprotected data and follow poor cybersecurity practices that can make them vulnerable to data loss.

To give you a proper idea of the current state of cybersecurity risks, I’ve done extensive research and put together a report documenting cybersecurity statistics you should know about in 2021.

The cybersecurity stats that I will be covering is based on:

Latest Cybersecurity Incidents of February 2021

1. Hackers from the Chinese military launched a campaign to carry out unethical surveillance against Tibetan nationals living in China and abroad. (hrw.org)

2. Defense firms of more than ten different countries got targeted by North Korean hackers. According to sources, North Korean hackers have been secretly spying ever since early 2021. (thehackernews)

3. Cybercriminals hacked a department in Oxford university working on COVID-19 vaccines. Hackers are suspected of selling confidential information to other nations. (Forbes)

4. Iranian hacking groups conducted spying campaigns in 16 countries including the Middle East, South Asia, Europe, and North America. (washingtonpost)

5. In an attempt to rebel against UAE’s new-found relation with Israel, an alleged Iranian hacking group targeted government agencies in the UAE. (bankinfosecurity)

6. Pfizer, a pharmaceutical company got targeted by North Korean hackers in an attempt to steal confidential information related to the COVID-19 vaccine and treatment. (bbc)

7. Iranian hacker group hijacked a server in Amsterdam to launch attacks against political opponents located in Germany, Sweden, the Netherlands, and India. (thecyberwire)

8. North Korean hackers got indicted by the US Department of Justice for plotting a conspiracy to steal an estimated $1.3 billion in cryptocurrency and cash. (justice.gov)

9. As reported by Ukrainian officials, a website belonging to Ukraine’s Security Service got targeted by a multi-day DDoS attack led by Russians. (Reuters)

10. Hackers raised the levels of sodium hydroxide of a water supply company based in Florida by exploiting a remote access vulnerability. (washingtonpost)

11. Cybercriminals arrested after scamming telecom companies into assigning the phone numbers of celebrities to new devices which resulted in $100 million worth of compromised cryptocurrencies. (zdnet)

12. According to the recently disclosed information, a Russian hacking group has been suspected of running a four-year campaign against French IT providers. (telecompaper)

13. Human rights advocates in Vietnam got targeted by hackers associated with the Vietnamese government for nearly three-year. Hackers were allegedly using spyware to spy on human rights works to steal confidential data. (amnesty.org)

14. Russian hackers found to hack a file-sharing system associated with the Ukrainian government. Whoever downloaded the planted file, got their computers hacked. (teiss.co.uk)

Cybersecurity Incidents of February 2021

1. Telecommunication companies, ISPs, and web hosting providers from the US, UK, and a few middle eastern countries got breached by hackers alleged to be part of Hezbollah. Hackers were suspected of harvesting intelligence data. (israeldefense.co.il)

2. Cybersecurity researchers were duped by North Korean hackers into opening infected files sent through email. Researchers were given the prospect to contribute to a research project. Hackers also managed to plot an ingenious scheme to lure researchers to malicious websites in an attempt to trick them into clicking on infected links. (cnbc)

3. One of the data centers of New Zealand’s central bank got breached by unknown hackers. (nbcnews)

4. Hackers from China launched a ransomware attack and demanded a $100 million ransom from 5 main gambling and gaming countries. (gamblingnews)

46+ Shocking Cybersecurity  Statistics

Based on extensive research, I present to you, 40+ cybersecurity statistics that will surely make you rethink the way you perceive your online privacy.

Data Breaches

Data Breaches

1. On average, there are 2,244 cyberattacks every day by hackers. This means, after every 39 seconds there is a new cyberattack on computers. (University of Maryland)

2. 5 of the biggest data breaches ever in the history of mankind include companies such as Yahoo, First American Financial Corp, Facebook, Marriott International, and Friend Finder Network with a combined number of records affected i.e. 5,877 Million. (CNBC)

3. The global average cost of a data breach is $3.92 Million (2019) which has increased by 1.5% since 2018. A growth of 12% from 2014 to 2019. (Security Intelligence)

4. Yahoo faced a massive data breach to date where 3 billion Yahoo accounts were affected in 2013. If that wasn’t enough, Yahoo faced another setback that affected 500 Million accounts. (NY Times)

5. 145 was the average number of security breaches that mean (+11%) increase since last year and (67%) increase since the last 5 years. (Accenture)

6. It took an average of 206 days for US companies to find a data breach. The previous year was 201 days, so there’s a slight increase. (IT Governance USA)

7. 43% of all Cyberattacks target small businesses. These cyberattacks include (64%) web-based attacks, (62%) phishing attacks, (51%) denial of service attacks, and (59%) malicious codes. (Cybint Solutions)

8. Large-scale cyber attacks are considered as the top 5 global risks that could destabilize the world economy. (World Economic Forum)

9. 279 days is the average time to identify and contain a breach. (IBM)

10. Uber paid $100,000 to hackers to delete stolen data of 57 Million people. When the news broke out, Uber admitted that it would have revealed the data breach to regulators soon. Uber then ousted CSO and one of his deputies from their role. (Bloomberg)

Cyber Crimes and Cyber Attacks

Cyber Crimes and Cyber Attacks

11.   92% of all the malware are delivered by email (PurpleSEC)

12. There is an 80% increase in new malware on Macs and a 92% increase in new downloader variants.

13. 46% increase in new ransomware variant and a total of 5.4 BillionWannaCry attacks blocked.

14. 21% of the cyberattacks originated from China, 11% from the United States, 7% from Brazil, and 6% from Russia. (Symantec)

15. 34% of the cyberattacks involved internal actors. (Verizon)

16. 71% of the data breaches and cyberattacks are motivated by financial gains while 25% of the breaches were motivated by the gain of strategic advantage. (Verizon)

17. The average cost of a ransomware attack is $133,000. It covers the cost of ransomware demanded and the cost of downtime. (Safe At Last)

18. It is predicted that businesses will fall victim to a ransomware attack every 11 seconds by 2021. (Safe At Last)

19. Large-scale DDoS attacks increased by 500%. (Cybint)

20. 24,000 is the average number of malicious mobile apps are blocked each day. 27% of these apps belong to the Lifestyle category and 20% belong to Music and Audio. (Symantec)

21. 69% of organizations do not believe that online security threats can be blocked by their anti-virus software. (Ponemon Institute)

22. Health Industry is the most affected by cyberattacks. (Ponemon Institute)

23. Countries that are highly affected by ransomware attacks are the United States (18%), China (12%), and Japan (10.7%). (Symantec)

24. A total of 90% of remote code execution attacks are associated with crypto mining. (CSO Online)

25. 1 in 13 web requests lead to malware which has increased 3% from 2016. (Symantec)

Cybersecurity Damages, Cost, and Spending

Cybersecurity Damages, Cost, and Spending

26. Cybersecurity damages are expected to reach $6 Trillion by 2021. (Cybercrime Magazine)

27. The cost per stolen record in the US is $150. That is a decrease from an all-time high of $158 per stolen record in 2016. (Statista)

28. The Healthcare industry had the highest data breach cost of $429 per record. (IBM)

29. Financial institutions spend $2,300 on average annual security spending per employee. (PR News Wire)

30. If your organization is impacted by a data breach, 67% of costs occur in 1st year, 22% of costs in the 2nd year, and 11% of the cost after 2 years. (IBM)

31. Extensive use of encryption reduces the cost of a data breach by an average of $360,000. (IBM)

32. One major contributor to the cost of cyberattacks is information loss which is at $5.9 Million. (Accenture)

33. The US and the UAE spend the highest amount on the post-data breach. (Ponemon Institute)

34. Share prices fall by 7.27% on average after a breach. (Cybint)

Cybersecurity’s Impact on Jobs

Cybersecurity’s Impact on Jobs

35. 82% of companies report having a shortage of cybersecurity skills. (ISSA)

36. 61% of employers believe that a cybersecurity certificate is far more useful for getting a job than for doing a job. (ISSA)

37. The unemployment rate in cybersecurity is 0% and is expected to remain the same by 2021. (ISSA)

38. By 2021, it is predicted that all of the large companies will have a Chief Information Security Officer (CISO) position. (Cybersecurity Ventures)

39. Cybersecurity job growth is expected to rise by 37% from 2012 to 2022. (Monster)

40. An estimated 500,000 companies across Europe have registered DPOs. (IAPP)

Cybersecurity Compliance Statistics

Cybersecurity Compliance Statistics

41. 88% of Companies spend $1 million or more while preparing for GDPR. (CSO Online)

42. 69% of Companies believe that mandatory compliance is mostly driving their spending. (CSO Online)

43. Google was fined $57 Billion for GDPR violations by CNIL when it comes to transparency and consent. (Tech Crunch)

44. GDPR is costing an average Fortune 500 company a sum of $16 million. (Forbes)

45. By the end of 2018, only 50% of companies believed that they were GDPR compliant. (Data Center Frontier)

46. In its first year, GDPR fined a total of $63 million. (GDPR)

47. After the implementation of GDPR, 31% of consumers believe their overall experience with companies has improved. (Marketing Week)

48. Big sport-related events such as the Olympics, UEFA, Wimbledon, and others are relying on Augmented Reality to innovatively bring exclusive content and fun engagement to spectators. (ARVR Tips)

Global VPN Usage Increased by >27.1% amid Coronavirus Outbreak

As the impact of COVID-19 spreads globally, VPN usage is on the rise. Ever since around 88% of all IT and tech companies worldwide transitioned their employees to work remotely from home (WFH) amid the pandemic, more and more people have started using VPNs. Check out the Best VPN tested and recommended by VPNRanks.

With the massive increase in demand, by the year 2027, it is expected that the VPN industry will generate a revenue of US$107.5 billion. According to Harold Li, vice president, ExpressVPN:

We are seeing strong demand in our services as more people spend more time indoors and employees around the world telework. Beyond using a VPN, we encourage users to practice good cybersecurity habits while working remotely

To better understand the worldwide increase in VPN usage, let’s take a look at this graph:

VPN usage increase in countries

In the Asia Pacific, by contrast, the growth rate of VPN usage is slightly slower likely because it has been experiencing the effects of COVID-19 since January 2020.

The only exceptions are the Philippines and Malaysia, which have been imposing stricter lockdown measures in the last few weeks and experiencing above-average growth in consumer VPN usage.

What Cyber Security Experts have to Say about Cyber Security Challenges in 2022…

Here are some of the opinions of cybersecurity experts and tech experts about cybersecurity challenges in 2022 and beyond:

“Americans no longer trust Big Tech after they have repeatedly been caught abusing user data. People want to see an end to tech companies trampling on our right to privacy and to take back control of their data.”

“There’s no federal data privacy law in the U.S. that governs the activities of big tech companies, despite 56% of Americans believing otherwise”

Harold Li – Data Privacy and Security Expert at ExpressVPN

“Preventing downtime and quickly getting systems back online is paramount during a security breach, which can quickly cost a company millions. This becomes even more challenging as businesses push networks to the edge and users up to their data usage”

“Preventing losses requires a network resilience plan, including solutions like smart out-of-band management, to quickly monitor and recover if the data plane is breached and the primary production network goes down”

Marcio Saito – Chief Technical Officer at Opengear

“As a direct result of the coronavirus outbreak, thousands of businesses in the US and around the world are forced to stand up remote access for their employees; this is being done quickly and under pressure. It’s difficult for anyone to do their best work under a time crunch with a pandemic breathing down your neck,  and IT staff are no different. Mistakes and misconfigurations will be made, and that will leave the door open for hackers”

David Kruse – Cybersecurity Expert at Tetra Defense

“Ransomware will become one of the biggest threats in 2021, particularly as it becomes less randomly sprayed at consumers, but as attackers sharpen their aim directly at local government, health-care organizations, and SMBs. Attackers will continue to automate ransomware, which is profitable repeat business.”

Daniel Goldberg – Security Research Expert at Guardicore

“The most common types of cyberattacks in 2021 will be those that utilize the human factor in cybersecurity.  What do I mean by that?  We’re going to continue to see an uptick in phishing and whaling attacks, the use of deep fake materials, and social engineering”

“Companies must implement robust information security training programs to educate everyone (from the C-Suite down) on these types of attacks”

Tom DeSot – EVP and Chief Information Officer at Digital Defense

“Phishing attacks, ransomware attacks, and IoT attacks are becoming the main problems in cybersecurity. Phishing attacks are becoming more sophisticated these days. hackers are using machine learning to quickly generate and distribute convincing fake messages under the assumption that recipients will accidentally compromise their organization’s systems and networks”

“Companies are constantly using stronger security measures to protect against ransomware attacks. IoT attacks are also a key concern because once hackers get control of your device, they will be able to lock down essential equipment and also overload networks just for financial benefits”

Kenny Trinh – Editor at Netbooknews

“Electronic Medical Records & Smart Medical Devices –   The health care industry is only just moving into the digital age, with this are concerns around privacy, security and cybersecurity threats. We have already seen the NHS get hacked with WannaCry which cost them over £92m”

Mandee Rose – Privacy Expert at TheVPNShop.com

“A new cybersecurity challenge has come up now that manufacturing companies are employing smart supply chains that leverage IoT and big data management. By employing AI systems and robotics, these supply chains are virtually automated, making their data a potential target for hackers. Unauthorized access to data on these systems could wreak havoc on the supply chain, which could lead to thousands of dollars in losses”

Jovan Milenkovich – Co-founder of Kommando Tech

Cyber Security Challenges According to David Lee Djangmah

David Lee Djangmah is an American security researcher, futurist, technologist, strategist, lawyer, consultant, and one who has survived 70 days lockdown in China due to the Coronavirus outbreak. 

Here’s what he had to say about Cyber Security challenges:

Due to heavy-handed Mainland Chinese censorship/cover-up, #iTHiNKLabs, like everybody else missed the COVID-19 (Novel Coronavirus) threat when the original Guide was drafted.

More than InfoSec, COVID-19 will dominate cybersecurity for the rest of 2021. Sadly, the great equalizer here is that InfoSec snobs treated COVID-19 as non-computer security-related until they, their customers, or buddies had to work from home, which reflects a lack of risk maturity shared with C-Suite that I’ve often warned against.

Computer security is NOT just about tech. The Mainland Chinese get it. The West doesn’t. IT Security didn’t factor in remote work challenges early on when #iTHiNKLabs started covering Coronavirus because they assumed it was the non-tech and political issues rather health security issues with cybersecurity implications lost time just like political leaders who squandered time.

Currently, millions of orders are being canceled in China and around the world. The Coronavirus pandemic will kill businesses, cost the world economy trillions of dollars, shift the global order, induce a global recession (depression likely), and derail tech careers.

Nevertheless, the net positive is that simultaneously, the pandemic will advance VPN Security (consumer AND enterprise), Zero Trust, and Cloud Security generally, as well as WiFi Security, while freeing the enterprise IT/cybersecurity budget.

Nevertheless, from a business survival standpoint, startups and small businesses are most at risk, although now is a good opportunity to stress test remote work feasibility across the board.

You can find Djangmah on Twitter and on #iTHiNKLabs since he is a co-founder and Editor-In-Chief there.

Key Takeaways

There are so many cybersecurity threats lingering on the horizon, but it is very little we can do to protect our online security. Extensive use of encryption is one way that can reduce the cost of data breaches by $360,000.

Despite that fact, hiring CISO and DPO in your organization who can implement strategies to protect information assets and to prevent any breach of data seems to be a good strategy.