Updated · Jan 10, 2024
Raj Vardhman is a tech expert and the Chief Tech Strategist at TechJury.net, where he leads the rese... | See full bio
Updated · Jan 03, 2024
Raj Vardhman is a tech expert and the Chief Tech Strategist at TechJury.net, where he leads the rese... | See full bio
Cybersecurity is often seen as one of those big problems that only large entities like banks, tech companies, and governments have to worry about. In reality, a lot more people should be concerned with cybersecurity and not just the big corporations. The latter may be indeed responsible for more data. Still, it is the smaller entities, such as companies with less than 1000 employees, that are at the greatest risk.
TechJury compiled a list of cyber security statistics to help visualize what is happening in the field as well as what to expect in 2022.
Here are some alarming cyber security facts:
Okay, let’s begin with the latest cyber security stats and facts.
In addition to dealing with the COVID-19 situation, companies have to protect themselves from cyber crimes as well. Here’s what the numbers reveal:
(Source: Expel)
As of January 2022 removable media are attack vectors that is an increases to 20% for incidents where the initial infection vector involved a physical endpoint.
USB flash drives are still a thing, and they can still wreak havoc by spreading malware.
Did you know that most people would plug an unknown flash drive into their computer?
(Source: Gartner)
Cybersecurity budget statistics reveal that these services are set to surpass the spending on on-premise and hybrid solutions.
(Source: Accenture)
Staying ahead of attackers is no cheap task. More than two-thirds of companies face financial difficulties while fighting the constant battle against cyber crime. However, considering the ingenuity of hackers, insider threats, and human errors, this trend is likely to continue.
(Source: Statista)
In 2019, the global IoT security market was estimated to be worth around $10.3 billion and is projected to have a compound annual growth rate (CAGR) of more than 15% from 2021 to 2028. However, in 2020 at $13.48 billion the market experienced a remarkable boost in growth due to the widespread shift towards remote work and online activities as a result of the COVID-19 pandemic.
Year | Market Size (in billion US Dollars) |
2016 | 7.28 |
2017 | 8.45 |
2018 | 9.83 |
2019 | 11.5 |
2020 | 13.48 |
2021 | 15.85 |
2022 | 18.69 |
2023 | 22.06 |
2024 | 26.09 |
2025 | 30.9 |
Source: (Tdwi)
The number of IoT devices has skyrocketed, giving hackers and cybercriminals a greater choice of targets. A portion of the rise is a result of the increased number of IoT devices, but the more significant issue is that related security isn’t keeping pace with the growing number of threats.
6. The cybersecurity market size is forecast to grow to $345.4 billion by 2026.
In 2021, it is anticipated that global security spending on IAM will amount to over 14 billion USD. The largest sector of the information security market, spending on security services, is anticipated to reach 72.5 billion US dollars in the same year.
Year | Market Share in billion U.S. dollars |
2021 | 217.9 |
2022 | 240.27 |
2023 | 262.22 |
2024 | 287.66 |
2025 | 315.56 |
2026 | 345.4 |
7. There is an increase from $9.84 billion in FY 2022 to $10.89 billion in FY 2023.
(Source: Statista)
The cybersecurity industry's expenditure reached approximately 40.8 billion US dollars in 2019, with predictions suggesting that the market could exceed 60 billion US dollars by 2021 as the optimistic projection. This estimation considers the effect of the COVID-19 pandemic.
(Source: PRNewswire)
The cybersecurity market is growing at a fast pace. As a result of a steady rise in cybercrimes, there is an increase in demand for security products and solutions.
(Source: AV-TEST)
Threat actors are creating malware like crazy.
Cyber security stats reveal that in 2019, there were almost 145 million new malware samples.
It’s almost like there’s a malware machine gun somewhere that’s constantly firing. And it’s trying to hit as many targets as possible.
On the bright side, there was a reduction in new malware between January and February 2022. In January, there was 11.41 million malware. Perhaps we’ll witness more drops.
(Source: Info Security)
This increased from 2019 when “only” 72% of UK companies experienced such an attack. On the bright side, there’s a drop in malware attacks - only 16% of businesses were affected, compared to 33% in 2019.
However, this is still a drop compared to 2020, when 78% experienced phishing.
(Source: Yahoo! Finance)
That’s a huge number!
If every person on Earth used passwords, each of us would have about 38. Ain’t that crazy? I can’t remember more than one, let alone 38. Thankfully, there are these cute little apps called password managers that can handle this problem.
Now.
If these cyber security statistics for 2022 weren’t enough for you, rest assured there’s many more below.
Often it is data breaches that steal the headlines.
(Source: ZD Net)
If a robbery took place and the perpetrators got away, how much of a head start do they have to cover their tracks? A day? An hour? Cyber criminals often get a neat 6-month head start, which makes tracking them down that much harder.
(Source: IBM)
Considering the colossal cost of these cyberattacks, companies should do their best to improve their security. Still, human error is a major factor, considering how many data breaches happen because of misconfigured databases.
(Source: Cybint Solutions)
With a large data breach, all eyes and fingers begin pointing to the IT department. The fact of the matter is that the IT department isn't usually the one to blaim for these data breaches. Information technology security breaches are few and far between. User error or actions that fall outside of IT recommended behavior will always cause more problems than just following the guidelines set by the IT department.
(Source: Parachute)
According to healthcare data breach statistics, the industry is taking a significant hit regarding cyber-attacks. Hospitals spend about $408 on every affected patient's record and $1.75 to fix their damaged reputation for every attack.
For this reason, the expected allocation of funds will increase for cybersecurity in the healthcare sector over the next few years.
(Source: PC Mag)
It seems that identity theft does pay. These breaches account for millions, with the price per breach ranging anywhere from $120-$600.
If we average these out at $360, then the total amount is in the billions. People talk about the cost of cyber security but seldom think about the cost of not having it.
Although these figures are down, the combined percentages of social security number thefts and identity breaches increased from 80% to 83%.
(Source: Enisa)
Smaller companies are more prone to cyber-attacks because they don’t employ proper defenses against advanced cyber threats, contributing heavily to these cyber security statistics.
Rate of businesses in the US and Canada experiencing a data breach from 2020 to 2021, broken down by business size.
Companies |
2020 |
2021 |
Large Business US |
43% |
74% |
SMB US |
12% |
61% |
Large Business Canada |
43% |
49% |
SMB Canada |
12% |
50% |
Cyber attacks vary in sort and severity, but they can be absolutely devastating, especially for small business owners.
(Source: Small Business Trends)
It makes a lot of sense that the little guy is targeted so often. While the benefit of such an attack for the hacker is relatively small, it is much easier to pull it off. Many small businesses have minimal security infrastructure, making them easy prey for data predators. Considering the number of cyber attacks per day, quite a few of those get targeted.
(Source: Cisco)
One may think when it comes to security, the more the merrier. However, having multiple security vendors is a great way to complicate your security infrastructure in a way that is likely to create greater vulnerabilities. It is best to stick with one security vendor and comply with all security updates and recommendations the vendor presents, according to various hacking stats.
(Source: Cisco)
Perhaps the more concerning side to cyber security statistics, in general, is the number of incidents that have gone unreported. Speculation would lead one to believe that the figure of 31% is significantly lower than reality. Whatever the case, this is an important figure to be aware of as it shows that hackers are proficient in finding the correct target.
(Source: Cox BLUE)
Another prevalent form of attack comes in the form of DDoS. This attack attempts to disrupt regular traffic to the desired web endpoint. Video gaming is a popular place for these attacks to occur because there are predictable and specific endpoints for most devices.
(Source: IBM)
Perhaps one of the most alarming cyber security statistics on this list is that 62% of global organizations cannot claim that they are equipped to handle a cyber attack. This void will lead the charge for improved cybersecurity in the future.
Malware is by far the most common type of malicious internet activity. One of the most common ways to protect your devices from malware is by using antivirus software.
(Source: Symantec)
Apple has generally been on top of its app store, not allowing malicious or harmful software onto iOS devices. Android has had a long journey there because of the freedom afforded to developers. Nevertheless, it improved radically over the past several years. Such malicious apps can still be accessed, but most devices do require user approval before installing any unverified third-party applications. Cyber attack statistics show this to be a key reason why harmful software for mobile devices is not such an issue anymore.
(Source: Cyber Security Ventures)
This type of malware can cripple entire systems or even render them useless. A successful attack can result in a cybersecurity breach that disrupts company operations and ruin its public image.
(Source: AV-TEST)
Mac computers have always been renowned for their threat security. But things seem to be changing. Malware statistics point to an astronomical increase. Is it possible that cyber criminals have found new vulnerabilities?
(Source: CISION: PR Newswire)
The healthcare industry accounts for the most records lost. This has to do with many factors including outdated systems, lack of cybersecurity training, and substandard protocols. In short, healthcare providers are an easy target with a lot to offer to potential criminals. It is no wonder why this industry is so often a target of large-scale cyber-attacks.
(Source: Cisco)
For some reason I find it concerning when a company tells me to check my spam folder. The spam folder is where many people get taken advantage of. Spam campaigns attempt to send the user to insecure or malicious domains in an attempt to mine data.
(Source: Cisco)
Microsoft Office is one of the most familiar sights in a modern working environment. Cybercriminals use these formats for their malicious files in attempts to lure unsuspecting victims into thinking it is just a simple spreadsheet or report. This is valid not only for recent cyber attacks, as executable files are masked as harmless. Well-known files have been a popular digital bait for years now.
A security specialist is one of the most promising career choices in the IT sector.
(Source: Cybint Solutions)
If you are a college freshman deciding on a major, then cybersecurity might be an attractive option. Not only are there plenty of openings, but the demand is expected to rise at an unprecedented rate. There are plenty of jobs available in tech nowadays, but perhaps none are as vital as security. The next few cyber security stats show just how pressing this need may be.
The supply of jobs was expected to outpace the demand. Chances are, companies will not be able to recruit enough cybersecurity experts. As cybercrime statistics show, this is one of the biggest problems that companies have to solve.
(Source: Cybint Solutions)
This is the silver lining. Many young people will be able to find gainful work in the cyber security sector. The unfortunate reality is much of this will be in response to attacks that will take place, and that there will be many more data breaches affecting millions of people within the next few years. Data breach statistics don’t suggest that the need for experts in the field will be lessened any time soon.
(Source: ZipRecruiter)
Particularly in North America, the field of cybersecurity pays well. However, this figure drops in Europe, the Middle East, and Africa, this amount is reduced to $93,535; in Latin America, it is considerably lower, at $22,185.
Position |
Salary in US dollars |
Chief information security officer(CISO) |
171,538 |
Application security engineer |
124,102 |
Senior security consultant |
121,922 |
Director of cybersecurity |
118,097 |
Penetration tester |
105,984 |
(Source: Cybersecurity Ventures)
Once again, just like the jobs figures, this points to a very secure future for those pursuing a career in cybersecurity. The question remains if these expected expenditures will be enough to prevent data breaches or at least bring them down significantly.
Source: (Cybersecurity Ventures)
Sadly, this crime rate only continues to rise. Criminals are finding increasingly clever and diabolical ways to get their hands on data. This, coupled with the projections for further data breaches, spells future challenges. Some estimates have the number as high as $10 trillion. In this context, whatever the cost of cybersecurity may be, it seems like a worthy investment.
(Source: Varonis)
I believe most people are guilty of not changing their passwords often enough. This is just making it easy for would-be cybercriminals to have easy access to sensitive information through compromised passwords.
An easy solution to these problems is an automated system that requires employees to regularly change passwords. Many such programs are free and easily implemented by IT professionals.
Changing passwords is not enough though. Employees should know how to pick a strong password as well.
Ransomware, especially with the advent of cryptocurrencies, is an increasingly popular way for hackers to make money.
(Source: Cisco)
A ransomware attack is designed to hijack the targets’ systems and hold them hostage in exchange for certain demands. These attacks are particularly effective and growing in number as the data from Cisco shows. The increase in cyber attacks is bound to continue in the foreseeable future.
(Source: Cybersecurity Ventures)
Once again, ransomware holds data and entire systems, hostage, until you meet the demands. Independent risk evaluators postulate that compliance with the perpetrator leads to more significant security vulnerabilities and greater total loss.
The numbers are estimated to increase over the years, reaching as high as $265 billion in 2031.
(Source: Cybersecurity Ventures)
Something that differentiates cybercrime from any other kind of crime is the automation that can be deployed by perpetrators. Automation allows for cyber attacks to be deployed simultaneously and relentlessly. The number of cyber attacks each day keeps going up. Automation may also be the key to protection but is not yet clear how to utilize this technology. As the stakes get higher and cyber criminals to become more aggressive, the incentive to develop a solution will rise as well.
System upgrades are not the easiest thing to implement. However, they become increasingly necessary to address adequately the growing security threats.
(Source: Varonis)
This isn’t as startling of a revelation when compared to the other cyber security stats, but it is an alarming number nonetheless. Of course, just because a file isn’t protected, doesn’t mean it’s accessible.
(Source: K2 Cyber Security)
As tech evolves, most do not upgrade immediately. Older systems have different security vulnerabilities. By the end of 2021, there were 20,061 recorded vulnerabilities.
Phishing mail, just like the popular hobby with a similar name, is extremely common and simple.
(Source: Verizon)
A tremendous amount of emails is sent every day around the globe. A big part of it is phishing emails.
Unsurprisingly, phishing attacks make up a large number of cyber security incidents. Statistics show that people aged 35-44 are the most likely victims of cybercrime, but it is quite likely that most of us have opened phishing emails at some point in time.
Kaspersky’s anti-phishing software has caught hundreds of millions of them every year.
(Source: Verizon)
As we await the arrival of next year's cyber security statistics, the report from Verizon shows that phishing attacks had a moderately high success rate. With more and more people understanding the dangers that lurk with these attacks, the hope is that this number will continue to fall in the coming years.
(Source: GraphUs)
Phishing attacks are the most common cyber security attack and are a big reason for many compromised passwords. If you check your spam folder in your email, it is more than likely that you will find several of them. If a phishing email makes it past filters into the inbox, to the untrained eye, it will seem like a legitimate message that is trustworthy.
Cyber security statistics show that this field will only continue to grow commensurately with the demand. Hackers and cybercriminals aren’t slowing down, so take some time to appreciate those keeping the digital side of our lives safe. This expanding industry figures to become more important with each year that comes.
Your email address will not be published.
Updated · Jan 10, 2024
Updated · Jan 09, 2024
Updated · Jan 05, 2024
Updated · Jan 03, 2024