Since 2003, October has been recognized as Cybersecurity Awareness Month. The US Department of Homeland Security and the National Cyber Security Alliance initially established this month-long observance to provide resources and encourage individuals and businesses to stay safe online and protect themselves against cyberattacks. The month has grown exponentially, with companies and even governments, including Minnesota, joining to raise awareness around cyber threats.
Small businesses are often the targets of cyberattacks because they have a moderate amount of data but lack the resources to have strong security. Cybercriminals can steal your money, company data, customer data, employee information, vendor details and cause severe damage.
So, to protect your business, you should know the different types of attacks and the threats they pose. Below, we compiled a list of statistics from a variety of studies and blogs to give you an idea of the current state and trends of cybersecurity.
Cybersecurity Statistics
We broke the cybersecurity statistics into four main sections, including the cost of cyberattacks overview, cybercrime and SMBs, facts by type of threat, and COVID-19 impact on cybersecurity.
Cost of Cyberattacks
- Cybercrime will cost companies worldwide an estimated $10.5 trillion annually by 2025, up from $3 trillion in 2015. At a growth rate of 15 percent, year over year. (Embroker)
- Global spending on cybersecurity products and services is predicted to exceed $1 trillion cumulatively over the five years from 2017 to 2021. This is a 12-15% year-over-year cybersecurity market growth from 2021. (Embroker)
- In yearly and aggregate data for complaints and losses over the years 2016 to 2020, FBI’s Internet Crime Complain Center received a total of 2,211,396 complaints, reporting a loss of $13.3 billion. (IC3)
- In 2020, the IC3 received 19,369 Business Email Compromise (BEC)/Email Account Compromise (EAC) complaints with adjusted losses of over $1.8 billion. (IC3)
Cyber Crime and SMBs
- 43% of cyberattacks are aimed at small businesses, but only 14% are prepared to defend themselves. (Accenture)
- 66% of small to medium-sized businesses have experienced a cyberattack in the past 12 months. (Ponemon)
- 70% of small businesses are unprepared to deal with a cyberattack. (PurpleSec)
- 51% of small businesses say they are not allocating any budget to cybersecurity. (PurpleSec)
- 68% of business leaders feel their cybersecurity risks are increasing. (Accenture)
Cybersecurity Facts by Type of Threat
Here are cybersecurity statistics separated by type of cyber threat.
1. Ransomware
- As of 2021, there is a ransomware attack every 11 seconds, up from 39 seconds in 2019. (CISA)
- At the end of 2016, a business fell victim to a ransomware attack every 40 seconds. (Embroker)
- Ransomware incidents -- if paid, ransomware can cost tens of thousands of dollars. (CISA)
- The Datto report highlights that 1 in 5 SMBs experience a ransomware attack. (Nordpass)
- In the first quarter of 2020 alone, ransomware attacks on SMBs rose by a whopping 67%. Also, in 2020, 73% of all ransomware attacks were successful. (Nordpass)
- Manufacturing companies account for nearly 25% of all ransomware attacks (Varonis)
2. Data Breaches and Stolen Credentials
- A 2019 report found that security breaches had increased by 67% over the last five years. (Accenture)
- A 2020 report found that it took an average of 280 days to identify a breach. (Patchstack)
- According to IBM, it takes a business 197 days to discover the breach and up to 69 days to contain it. (IBM)
- Companies that contained a breach in less than 30 days saved more than $1 million compared to those that took more than 30 days. (Embroker)
- 45% of breaches featured hacking, 17% involved malware, and 22% involved phishing. (Verizon)
- 47% of SMBs reported that a cyberattack against them involved an employee's compromised password. (Nordpass)
- 73% of the world's most popular passwords can be cracked in less than a second. (Nordpass)
- 37% of all breaches involve the use of stolen credentials. (Expert Insights)
- 61% of data breaches are caused by a stolen password. (Verizon DBIR)
- Microsoft found that over 579 password attacks take place every single second—that's over 18 billion per year. (Microsoft)
- Weak passwords account for 77% of all cloud breaches, and account compromise attacks rose by 20% in 2020. (Expert Insights)
3. Phishing
- 75% of organizations globally experienced a phishing attack in 2020, and 74% of attacks targeting US businesses were successful. (Proofpoint)
- After declining in 2019, phishing increased in 2020 to account for 1 in every 4,200 emails. (Varonis)
- $17,700 is lost every minute due to a phishing attack. (Varonis)
- Recent research has shown that 96% of phishing attacks are delivered by email. (Verizon DBIR)
- 22% of data breaches involve phishing. (Expert Insights)
- IC3’s report found that phishing, including vishing, smishing, and pharming, was the most prevalent threat in the US in 2020, with 241,342 victims. (IC3)
COVID-19 and Cybersecurity
The COVID-19 pandemic created an influx of cyberattacks due to the uncertainty and lack of protection around remote working.
Here are some COVID-19 cybersecurity statistics:
- Since the pandemic started, the FBI noted a 300% increase in reported cybercrimes. (The Hill)
- Confirmed data breaches in the healthcare industry increased by 58% in 2020. (Verizon)
- In April 2020, Google blocked 18 million daily malware and phishing emails related to Coronavirus. (Google)
- Remote work has increased the average cost of a data breach by $137,000. (IBM)
- Remote workers have caused a security breach in 20% of organizations. (Malwarebytes)
- Half a million Zoom user accounts were compromised and sold on a dark web forum in April 2020. (CPO Magazine)
- The number of phishing emails spiked by an alarming 667% during the first peak of the pandemic. (Expert Insights)
Improve Your Business’ Security Today
There’s no question that cyberattacks devastate companies and individuals. These statistics showcase the frequency, cost, risk, and overall danger of cyberthreats for small to medium-sized businesses. Don’t become a statistic; begin the process of safeguarding your data and combat cyberattacks now.
Our team of tech professionals helps companies in Minnesota and Wisconsin build up their cybersecurity. Schedule a security check and start protecting your business today with Nicolet Tech.
To learn more about cybersecurity, head to our blog here.
