It’s a dark and scary world out there in cyberspace.
Cyberattacks are nothing new, but they’re a growing problem for all types of businesses across all industries. Depending on the severity of the attack, there are a variety of defense mechanisms businesses can employ to fight back.
2019 cybersecurity statistics
With help from cybersecurity services, businesses can outsource the arduous task of assessing, protecting and remediating cybercrime. For a more hands-on defense, implementing specialized system security software is a common tactic to fight cybercrime. In other words, there are plenty of ways to fight back.
Despite the rise of cyberattacks, it’s natural for businesses, especially small businesses, to wonder if they’ll be impacted. They might ask, “Who would bother to attack us?” With these statistics, you’ll see exactly why cybersecurity should be on the radar of every business, no matter the size.
If you don't have time to read through all of these statistics, here's a quick summary.
Big-picture cybercrime statistics
With these statistics, the exponential rise in cybersecurity risk is in plain sight. Not only are we seeing a rise in cybercrime, email and mobile app security are increasingly threatened.
- Cyberattacks are the fastest-growing crime in the U.S. (Cybersecurity Ventures, 2017)
- Seventy percent of businesses surveyed believe their security risk increased significantly in 2017. (Ponemon Institute, 2017)
- In 2016, 95 percent of breached records came from three industries: government, retail and technology. (TechRepublic, 2017)
- In 2016, around one billion accounts and records were compromised worldwide, or roughly three for every American citizen. (TechRepublic, 2017)
- Around 24,000 malicious mobile apps are blocked every day. (Varonis, 2018)
- IoT attacks were up 600 percent in 2017. (Varonis, 2018)
- Ransomware attacks grow more than 350 percent every year. (Varonis, 2018)
- The U.S. receives 18.2 percent of all ransomware attacks. (Varonis, 2018)
- Ninety-two percent of malware is delivered by email. (Verizon, 2018)
How expensive is cybercrime?
The answer is: really expensive. These statistics showcase a data breach’s potentially huge impact, notably, the cost.
- The average cost of a data breach in 2017 was $3.62 million. (Ponemon Institute, 2017)
- Cybercrime will cost the world $6 trillion annually by 2021. (Cybersecurity Ventures, 2018)
- The average cost top companies spend on a malware attack is $2.4 million. Malware and web-based attacks are the two most costly attack types. (Accenture, 2017)
- The average cost for incidents involving more than 50,000 compromised records is $6.3 million. (IBM, 2017)
Recognizing the need for cybersecurity services
While statistics show cybersecurity is becoming a necessity across all industries, not all companies are implementing the necessary security measures to prevent a cyberattack.
- Only 25 percent of consumers believe most companies handle sensitive personal data responsibly. (PwC, 2018)
- Sixty-seven percent of organizations reported being breached at some point in the past. (Thales, 2019)
- Forty-four percent reportedly felt vulnerable to security threats, up from 30 percent a year ago. (Computer Weekly, 2018)
- Privacy concerns will drive at least 10 percent of the market demand for security services through 2019. (Computer Weekly, 2018)
- Forty-one percent of companies have over 1,000 sensitive files available for anyone to view, while 21 percent of all general files are not protected at all. (Varonis, 2018)
- More than 4,000 ransomware attacks happen every day. (FBI, 2016)
- Seventy-six percent of businesses reported being a victim of a phishing attack in the last year. (Wombat Security, 2019)
- It takes most companies more than six months to detect a data breach. (Ponemon Institute, 2017)
- Sixty-five percent of companies have more than 500 users who are never prompted to change their passwords. (Varonis, 2018)
- Only 25 percent of organizations have a stand-alone security department. (CSO Online, 2018)
- In 2017, 2.7 billion records were stolen, or twice as many as were stolen in 2016. (Wipro, 2018)
- In 2016, $3.5 billion was invested in 404 security startups, up from $1.8 billion invested three years earlier. (Fortune, 2017)
Cybersecurity risks for small businesses
Cybersecurity dangers are common for small businesses, too. The biggest is the lack of properly implemented security measures.
- Sixty-one percent of breach victims in 2017 were businesses with fewer than 1,000 employees. (Varonis, 2018)
- Just 14 percent of small businesses rate their ability to mitigate cyberrisks, vulnerabilities and attacks as “highly effective.” (Keeper Security, 2018)
- Sixty percent of small businesses that suffer a cyberattack are out of business within six months. (Denver Post, 2016)
- Small and mid-sized businesses are hit by 62 percent of all cyberattacks, or about 4,000 per day. (Denver Post, 2016)
- Fifty-one percent of small businesses are not allocating any budget at all to risk mitigation. (Huffington Post, 2016)
Taking cybersecurity action
On a lighter note, the numbers show an overall increase in cybersecurity awareness and action. More organizations are actively seeking to increase security measures, including hiring security staff and increasing cybersecurity budgets.
- Eighty-six percent of U.S. organizations plan to increase cybersecurity spending in 2019. (Thales, 2019)
- The security market is foreseen to grow 8.7 percent in 2019 to $124 billion, due in part to consultation costs related to the European Union’s General Data Protection Regulation (GDPR). (Computer Weekly, 2018)
- Seventy percent of hiring managers worldwide are planning to increase their cybersecurity staff this year. (eSecurity Planet, 2017)
- Eighty-seven percent of surveyed CEOs report they are investing in cybersecurity as a way to build trust with customers and clients. (PwC, 2018)
Cybersecurity should be on your radar
These statistics demonstrate the growth of cybercrime, as well as cybersecurity. While cybercrime is a scary idea to defend against, the growth of effective cybersecurity software should ease your mind, and perhaps convince you to implement one for your business, even if you’ve never encountered cybercrime.