55 Cybersecurity Statistics and Trends

Left and right, malicious programs and hackers are on the prowl, looking for the next susceptible target. The alarming incidence of data breaches and data theft has exposed corporations to the necessity for cybersecurity.

The following facts and figures prove the necessity for cybersecurity. Read on for the facts and trends that will shape the cybersecurity industry in 2022 and beyond.

Cyber Threat Statistics Involving Past Attacks and Breaches

Attacks and breaches have surged dramatically since 2020. These attacks were from perpetrators attempting to gain access to government and financial data.

Here are the figures that prove the growth and prevalence of cybersecurity threats:

1. Cybersecurity threats have surged by more than 30%, beginning in 2020. With the evolution of malware and phishing methodologies, threats are projected to increase in 2022 and beyond.
2. Cyber attacks have shot up by more than 50%.
   
3. Nearly 85% of all cyber attacks occurred because of malware and other bots opened via email.
4. Small businesses were the targets of up to 43% of cyberattacks in 2021.
5. Nearly a fifth of all data breaches were the result of stolen credentials and personal data.
6. From 2020 to early 2022, the Federal Bureau of Investigation (FBI) has received 791,790 reports of hacking and identity theft.
7. Verizon found that 36% of all data breaches and incidents of identity theft were the result of phishing.
8. Ransomware attacks peaked in 2021, victimizing various industries across the board including local government and educational sectors.
9. CyberSecurity Ventures estimates roughly 11 ransomware attacks taking place per second.
10. Cybercrimes skyrocketed by 600%, beginning in early 2020. Coincidentally, this development was concurrent with the COVID-19 pandemic. According to Business Insider, many of these cyber-attacks were through malicious emails.
11. There were six million total complaints of cyber-attacks and identity theft in 2021.
12. Distributed Denial of Service (DDoS) attacks took place 11% more frequently in 2021 than they did in 2020. According to Tech Scout, more than 549 million attacks were recorded, resulting in significant bandwidth losses in 2021.
13. There was a slight dip in the number of mobile malware attacks in 2021. Despite the dip, Kaspersky Labs still asserted the significance of mobile cybersecurity since the dip still represented 9.8 million incidences.
14. A 1.5 terabyte-per-second DDoS attack in June 2021 was one of the largest to ever be recorded in that year.
15. Spear phishing, a form of phishing targeting anyone with social media information, initiated up to 90% of all phishing attacks in 2022.

Cybersecurity Risk Statistics

Despite how cybersecurity measures are evolving, many corporations and industries remain susceptible to threats. Hackers continue to find ways around even the most sophisticated cybersecurity controls, as shown by these figures:

16. The methods cybercriminals use to get around security protocols evolve at a much faster rate than already-available cybersecurity protocols. This has prompted the importance of cybersecurity in making a business cyber-resilient, according to Accenture’s Cyber Resiliency Report.
17. More than half of all corporations are unaware that sensitive information is vulnerable to cyber-attacks, according to Tech Target.
18. Mobile phones are projected to be less susceptible to cyber-attacks in 2022. This is backed by a Kaspersky report that shows a steady decline in the incidence of cyber-attacks.
19. At least 29% of all small enterprises report that they are unprepared for phishing and ransomware attacks.
20. The vast majority of mobile malware (80%) is delivered through unverified or unrecognized apps instead of browsers.
21. According to Embroker, threats can go unnoticed for more than six months (197 days, in total). With each month that the threat remains undiscovered, companies lose productivity and customer credibility.
22. macOS is also at risk for malware. macOS malware has surged by more than 165% within just a year.
23. Small and medium-sized businesses are 61% more at risk of experiencing some form of cyber threat.
    
24. At least 83% of small business owners say that they do not have the finances to recover from a ransomware attack.
25. About 43% of small and medium-sized businesses lack contingency plans for cybersecurity threats, according to a report by Bullguard.
26. 20% of startups will likely lack any form of endpoint security like managed antivirus software and web filters.
27. According to statistics gathered by PurpleSec, at least 51% of malware is composed of trojans.
28. At any given time, at least 18 million websites have malware infestations, making these sites hazardous to access.
29. A third of all businesses whose systems became infected with malware recovered data after a week.
30. Up to 93% of systems are not safe from hackers and ransomware, according to Forbes.

Cybersecurity Threat Statistics by Industry

From 2020 until 2022, cyber-attacks have plagued many industries across the board. However, some industries were more susceptible to threats like ransomware and phishing than others.

31. The educational and research sectors are the most vulnerable to cyber threats, with hacking incidents shooting up to 75%.
32. The communications sector had 51% more reports of hacking than its original figures in 2020.
33. The educational and financial sectors are the most susceptible to DDoS attacks. Meanwhile, the businesses in the professional and manufacturing sectors are the most common victims of ransomware.
34. Cyber-attacks targeted the healthcare sector 71% more than they did in 2020.
35. The government sector — as well as the military — have reported a 47% increase in the discovery of cyber threats.
36. The education and research sector experiences as many as 1,605 cyber-attacks weekly.
37. Cyber-attacks on software supply chains have risen to an all-time high of 650%, according to Venturebeat. The company attributes this spike to the privileged access given to third parties.
    
38. Ransomware attacks directed at hospitals have affected patients in several ways. One of the most common was their hospital stays. According to Cybertalk, 70% of healthcare institutions have had to delay procedures and patient discharges due to ransomware attacks.
39. Financial services are one of the most at-risk sectors for their exposure of sensitive data. According to Varonis, the sector has exposed a surplus of 350,000 sensitive files, effectively inviting hackers.
40. At least 90% of all healthcare institutions and facilities report at least one data breach in a year.

The Cybersecurity Job Outlook

The numbers are a clear indicator of growing cybersecurity threats. With the higher priority corporations have placed on cybersecurity, the demand for cybersecurity specialists has spiked. The result is a larger range of opportunities for those within the cybersecurity space to find employment.

50. The cyberthreats from 2020 until the end of 2021 have created a demand for cybersecurity-trained workers. As of the beginning of 2022, the demand has ballooned to at least 377,000 workers domestically and 2.7 million overseas. This means 377,000 and 2.7 million domestic and global job vacancies, respectively.
51. At least 61% of organizations deem their in-house cybersecurity departments undermanned. With few qualified employees to fill these roles, the demand for cybersecurity skills is only expected to grow in 2022 and beyond.
    
52. Another factor behind the cybersecurity demand is the fast turnover rate. According to Tech Target, up to 66% of cybersecurity specialists quit due to burnout. This will likely leave cybersecurity in the hands of third-party providers — firms that also experience a manpower shortage.
53. Four out of five cybersecurity professionals report being overly fatigued owing to the nature of their work.
54. Due to the demand in the United States, the U.S. pays cybersecurity specialists the most. According to the most recent ISC Cybersecurity Workforce Study, cybersecurity employees can earn as much as $119,898 yearly.
55. Only 27% of cybersecurity graduates are workforce-ready.
56. A chief information security officer can earn as much as $170,538 yearly. Application security engineers can make anywhere from $121,000 to $124,102 a year.

Cybersecurity Trends and What the Future Holds

Ransomware and phishing attacks continue to grow in prevalence. Thus, many of the developments in cybersecurity are for the detection and resolution of these cyber threats and others.

1. Since cloud vulnerabilities are a key point of exploitation for hackers, Zero Trust protocols will be more prevalent. These protocols necessitate verifications at every step regardless of recent sessions.
2. The increase in IoT (Internet of Things) device usage has exposed many vulnerabilities, making it a focal point of cybersecurity in the years following 2022.
3. Experts predict that IoT connections will breach the three-billion mark by 2023.
4. The effectiveness of ransomware for hackers has given rise to a ransomware-as-a-service market. These services are offered at an affordable fee for hackers, so ransomware attacks may climb in 2022 and beyond.
5. The prevalence of breaches in 2020 and 2021 were the result of poor post-attack procedures. Many corporations will invest in security patches to address any gaps in security.
6. Email impersonation or social engineering is projected to increase in 2022, with effects extending to the crypto space, according to Embroker.
7. Nearly 70% of corporations have already increased their cybersecurity budgets to protect themselves from more sophisticated threats.
8. According to Kaspersky, cyber insurance, digital forensics, and cybersecurity training will be the next key cybersecurity investments for 85% of companies.

The Threats Continue To Grow and So Does the Desire To Contain Them

Cybersecurity will continue to be a priority for many industries in the years to come. As newer forms of cyber threats come to the fore, developments will play a perpetual game of “catch-up” to battle these threats.

Whatever the future holds, the world will bear witness to more trends and developments in cybersecurity in 2022 and in the years to come.