IT cybercrimes are now an everyday concern for businesses. Cybersecurity statistics indicate a significant rise in breached and hacked data mostly involving workplace devices. Many organizations have poor security practices, making them vulnerable to cyber threats.
We’ve gathered 100 cybersecurity industry statistics so you’ll know the shape of today’s cybersecurity and provide a compelling case to have a more proactive mindset in protecting your company systems and information.
1. Cybersecurity Market Statistics
As more and more things get connected to the internet, the importance of cybersecurity will continue to expand in magnitude. With this favorable business scenario, these cybersecurity market size and growth statistics are likely to further increase.
- The global cybersecurity market is expected to develop from US$120 billion in 2017 to USD 300 billion by 2024. (Global Market Insights)
- Cybersecurity products and services will exceed USD 1 trillion in total value from 2017 to 2021 period. (Cybersecurity Ventures)
- The global cybersecurity market size is projected to grow to USD 248.26 billion by 2023. (Statista)
- For 2017 to 2022, the top industries worldwide predicted to experience the fastest growth in security spending are state/local government (11.9%), telecommunications (11.8%), resource industries (11.3%), banking (10.4%), federal/central government (9.9%), and other industries (8.3%). (IDC)
- The global cybercrime economy earns around USD 1.5 trillion yearly. (SSLStore)
- Global spending on security applications is predicted to increase from USD 103.1 billion in 2019 to reach USD 133.8 billion by 2022. (IDC)
- In 2019, Global 2000 and Fortune 500 CISOs will limit the number of point security products/solutions in use at their organizations by 15-18%. (Cisco via Cybersecurity Ventures)
- Total venture capital funding in cybersecurity firms have increased by 20% from USD 4.5 billion in 2017 to over US$5 billion in 2018. (Strategic Cyber Ventures)
- The cybersecurity market share had increased from USD 3.5 billion in 2004 to USD 120 billion in 2017, which is around 35 times for that 13-year period. (Wired)
- Cyber insurance policies are predicted to cost from USD 14 billion by 2022 to USD 20 billion by 2025. (Insurance Business)
- The single biggest risk organizations throughout Europe will be cybersecurity, prompting an increase in spending on cybersecurity in the region in 2019. (ECIIA)
- Energy companies invest below 0.2% of their revenue in cybersecurity as a rising number of hacker groups target the sector. (Bloomberg)
- 68 percent of US businesses have not purchased any form of cyber liability or data-breach coverage, showing that businesses are not adopting cyber insurance at a rate that matches the risks they face. (Cisco)
- The top 4 countries as per venture capital dollars invested in cybersecurity are the US, Israel, UK, and Canada. (BusinessFacilities)
- The cybersecurity capital of the United States is Virginia, WA, which is home to the most cybersecurity companies per capita in the nation. (BusinessFacilities)
- Singapore launched the very first commercial cyber risk pool in the world. It will commit up to USD 1 billion in risk capacity. (Yahoo)
- Israel, the world’s second-largest exporter of cybersecurity technology (behind the U.S.), took around US$ 1 billion or 20% of the total venture capital spending. (TechCrunch)
- The single-largest state government investment in a cybersecurity facility is the $100 million Hull McKnight Georgia Cyber Center for Innovation and Training in Augusta, Georgia. (HubGA)
- The US president’s cybersecurity budget for 2019 is USD 15 billion, a 4.1% increase versus 2018. (TheWhiteHouse)
- The US federal government’s demand cybersecurity technology will rise from $10.9 billion in 2018 to over $14.1 billion in 2023. (Deltek)
- A Wall Street Journal survey found that most of the 25 most populous American cities now have cyber insurance or are intending to buy such a policy. (WSJ)
2017-2022 CAGR (Estimated)
Source: IDC Worldwide Semiannual Security Spending Guide 2018 Designed by
This pace of cybersecurity growth is like to continue in the upcoming years as industries invest heavily in security solutions to meet the ever-expanding range of threats and requirements.
2. Cybercrime Statistics
One of the most serious challenges that this modern world must deal with for the short- and long-term is criminal activity. A number of cybersecurity reports suggest that the fastest rising crime worldwide is cyberattacks.
- For 2019, cybercrime-related costs are predicted to surpass US$2 trillion globally. (Juniper Research)
- On a yearly basis, cybercrime damages will cost the world $6 trillion by 2021. (Cybersecurity Ventures)
- Cybercrime is relatively far more profitable versus the combined operations of drug trafficking worldwide. (Cisco)
- Over 70% of the global cryptocurrency market will be used in criminal activities. (Cybersecurity Ventures)
- The FBI’s Cyber’s Most Wanted List includes 63 notorious criminals known to have committed a string of cybercrimes that have endangered and cost people and organizations billions of dollars. (FBI)
- Only 10 to 12% of the actual number of committed cybercrimes are reported to authorities. (Slate)
- Businesses operating in the Asia-Pacific region receive 6 cyber threats every minute. (Cisco)
The volume of cybersecurity data involving cybercrimes worldwide will continue to grow exponentially. Which is why to help you effectively combat against cybercrimes, it is mandatory for businesses to have a least one of the best IT security software platforms.
3. Cybercrime Costs & Damages Statistics
The collective damage and costs of cybercrime are far larger than those inflicted by natural disasters in a year.
- By 2021, cybercrime damages will cost the world $6 trillion yearly. (Cybersecurity Ventures)
- In 2018, the most common cyber attacks experienced by companies are phishing (37%), network intrusion (30%), inadvertent disclosure (12%), stolen/lost device or records (10%), and system misconfiguration (4%). (Statista)
- For 2019 to 2022, the top 10 most cyber-attacked industries are healthcare, manufacturing, financial services, government, transportation, retail, oil and gas/energy and utilities, media and entertainment, legal, and education. (Cybersecurity Ventures)
- 87% of Americans believe that the risk of becoming a victim of cybercrime is increasing. (ESET)
- Malicious websites posing as legitimate political sites were discovered and shut down. (BleepingComputer)
- Russia-linked social media accounts were used to interfere in the recent US elections, using third parties for buying ads to favor one presidential candidate. (USA Today)
- Most cybercrime statistics are undercounted. (Slate)
- Bitcoin is involved in around US$76 billion of criminal activities annually. (SSRN)
- Digital ad fraud had caused businesses to lose USD 19 billion in 2018, or around USD 51 million every day. (AdWeek)
- Nine of 10 Americans now see cybercrime as a challenge to the country’s security. (ESET)
- The total cost of illegal ads on online and mobile devices is expected to reach USD 44 billion by 2022. (Juniper)
- Cybercrime will incur up to USD 1.745 trillion in Asia-Pacific. (Microsoft and Frost&Sullivan)
Stolen/lost device or records%
Source: Statista Designed by
More cybercrime incidents will continue to be unreported. As such, businesses should actively do their part to prevent themselves from being a cybercrime statistic. The best time to upgrade your IT security platform is now because tomorrow will likely be too late.
4. Cyber attack Statistics
Ironic as it may, every technological advancement tends to result in an increase in cyberattack incidence. Advancements like IoT, mobile payments, and cloud computing, unfortunately, had given birth to new sophisticated cybercrime activities.
Enterprises & Organizations
- The Yahoo data breach in 2013 is by far the biggest data breach of all time, involving 3 billion accounts. (Quartz)
- The rest of the 10 largest data breaches of all time are: Marriott, 500 million accounts (2014-2018); Adult FriendFinder, 412 million accounts (2016); MySpace, 360 million accounts (2016); Under Armor, 150 million accounts (2018); Equifax, 145.5 million accounts (2017); eBay, 145 million accounts (2014); Target, 110 million accounts (2013); Heartland Payment Systems, 100+ million accounts (2018); and LinkedIn, 100 million accounts (2012). (Quartz)
- The number of attack groups using destructive malware to destroy and disrupt business operations grew 25%. (Symantec)
- The top 5 largest bitcoin hacks are Mt. Gox (2,609 BTC | +750,000 BTC, 2011); BitFloor (24,000 BTC, 2012); Poloniex (12.3 percent of all BTCs – 97 BTC, 2014); BitStamp (19,000 BTC, 2015); and Bitfinex (120,000 BTC, 2016). (CoinSutra)
- 28% of Ultra High Net Worth family wealth businesses have been cyberattack victims. (Forbes)
- A total of 111 billion lines of new software codes are produced annually, which offers cybercriminals a vast volume of vulnerabilities waiting for exploitation. (NetworkWorld)
- 78% increase in supply chain cyberattacks, and a 48% increase in attacks involving malicious email attachments via Office files. (Symantec)
- 40% Ultra High Net Worth family wealth businesses don’t have a cybersecurity policy. (Forbes)
- Only below 50% of all companies worldwide are properly prepared to fight against cyberattacks. (PricewaterhouseCoopers)
By Type of Cyber Attack
- In 2 to 3 years, zero-day attacks will happen daily. (InfoSecurity)
- Over the past five years, individuals and businesses making wire transfer payments have lost over US$12.5 billion to a sophisticated cyber scam called Business Email Compromise (BEC), or Email Account Compromise (EAC). (IC3)
- US$530 million NEM coins were lost in the 2018 Coincheck hack, which is considered as the largest cryptocurrency heist to date. (Time)
- For 2018, cryptocrime is costing legit cryptocurrency exchanges around USD 1 billion in losses. (ChainAnalysis)
- Law enforcement and financial institutions must protect over 400,00 ATMs in the US against jackpotting cybercriminals. (Wired)
- Jackpotting has made US businesses to lose over US$1 million in 2018. (Business Insider)
- By 2022, the total number of DDoS attacks will reach 14.5 million. (Cisco)
- For as low as USD 1, hacking tools and kits for all types of cybercrimes have been available online. (Fortune)
- A DDoS attack can affect up to 25% of the total internet traffic in a country. (Cisco)
For small businesses, running a business is already cost-intensive. Factoring one’s cybersecurity costs make the financial challenge from worst to almost impossible. Good thing, though, there are more than a dozen free, yet robust IT security solutions that SMBs can readily select from and deploy in their operations.
5. Cybersecurity Jobs Statistics
The best approach to fight cyber criminality is through the current initiative for diverse cyber work environments as this drives the generation of powerful creative problem solving to effectively address the unrelenting threat of cybercrimes worldwide.
Cybersecurity Job Market in the U.S.
- The US cybersecurity workforce now totals to almost 715,000, with around 314,000 positions currently unfilled. (CyberSeek)
- Maryland is the top cybersecurity employer worldwide. It is home to over 150,000 cyber-related data science and engineering professionals. (Cybersecurity Ventures)
- The Washington D.C. Beltway is a center of the world’s cybersecurity activity. (DataTribe)
- The second-biggest concentration of cybersecurity professionals is in San Antonio, Texas. (BusinessFacilities)
- CISOs working in Fortune 500 firms that operate in large urban areas are paid higher, from US$380,000 and higher. (Forbes)
- The salaries of the best coders with leadership and cybersecurity skills go beyond US$225,000 a year. (Forbes)
- In 2019, a CISO position holds the second-highest paying tech job in 2019, with a $175,000 to $275,000 average salary. (TechRepublic)
Cybersecurity Jobs in other Parts of the World
- By 2021, 100 percent of Fortune 500 and Global 2000 enterprises will have a CISO or equivalent position. (Cybersecurity Ventures)
- Some elite hackers earn around US$500,000 a year. (CNBC)
- By 2021, a total of 3.4 million cybersecurity jobs will be vacant. (Cybersecurity Ventures)
- In 2014, cybersecurity openings breached the 1 million mark. (Cisco)
- From 2011 to 2019, the unemployment rate in the cybersecurity industry has been zero. (Monster)
- Job positions in 67% of organizations have experienced cybersecurity attacks over the past year. (Microsoft and Frost&Sullivan)
- The shortage of cybersecurity professionals is close to 3 million globally. ((ICS)2)
- Global spending on employee training for security awareness will reach $10 billion by 2027. (Cybersecurity Ventures)
- The cybersecurity job market is predicted to continue expanding. (Cybersecurity Ventures)
- The Asia-Pacific region has the largest shortage of cybersecurity professionals at 2.15 million. ((ICS)2)
Job Shortage per Region
Source: 2018 (ICS)2 Cybersecurity Workforce Study. Designed by
Every IT job is now a cybersecurity position. Every IT staff must be involved with protecting and defending people, data, apps, devices, and business infrastructures.
6. Hacking & Ransomware Statistics
From its very first incident involving Vietnam vet John Draper in 1971, computer hacking had since been causing havoc to businesses and people worldwide. Ransomware, considered as the cybercrime model of choice for hackers, is the fastest-growing, with damages predicted to be 57 times more by 2021.
- Steadily growing from USD 325 million in 2015 to USD 5 billion in 2017, worldwide ransomware damage costs are projected to increase to USD 11.5 billion for 2019 and reach USD 20 billion by 2021. (Cybersecurity Ventures)
- Enterprise ransomware detections had increased by 12% in 2018. (Symantec)
- For 2018, ransomware attacks are estimated to have increased by 350%. (IndustryWeek)
- From every 40 seconds in 2016 to every 14 seconds in 2019, businesses are predicted to fall to a ransomware attack every 11 seconds by 2021. (Cybersecurity Ventures)
- 81% of all ransomware infections involve enterprise organizations. (Symantec)
- Over 90 percent of successful hacks and data breaches stem from phishing scams that mainly use emails. (KnowBe4)
- NoMoreRansom had helped over 72,000 ransomware victims worldwide. (NoMoreRansom)
Along with other hacking threats, ransomware activities will continue to be a big problem for organizations worldwide. Training users on the proper ways of detecting and reacting to these threats and using robust, secured email management solutions are effective ransomware deterrents.
7. Cybercrime per Industry Statistics
Over the past six decades, the world’s criminal attack environment had transformed from phone systems into today’s billions of digitally-connected devices. This makes it more and more difficult to effectively secure them.
- The global healthcare is the most vulnerable industry to cybercrime in 2019. (Crowe)
- Between 2017 and 2021, ransomware attacks on healthcare organizations are forecast to increase by 5 times. (Cybersecurity Ventures)
- Out of 18 US industries, healthcare ranks as the 15th lowest performing in terms of endpoint security. (The SSL Store)
- From 2017 to 2021, the healthcare industry will spend over $65 billion cumulatively on cybersecurity products and services. (Cybersecurity Ventures)
- For every seven phishing emails, one is opened by hospital employees. (The SSL Store)
- Personal health information is 50 times more expensive on the black market versus personal information. (CNBC)
- On average, healthcare will experience around 2 to 3 times cyberattacks in 2019 more versus other industries. (Cybersecurity Ventures)
- Stolen patient health records can command over $60 per record. (CNBC)
- 48% of UK manufacturers are verified targets of cybercrime. (Make UK and AIG)
- 38.4% of mining companies were targeted using malicious emails. (Symantec)
- For every 302 emails sent to public administration users, one email is malicious. (Symantec)
- There are now over 20 ATM malware families that threaten the banking industry. (Kaspersky Lab)
Targeted users Per Year (2019)
Agriculture, Forestry & Fishing%
Transportation & Public Utilities%
Finance, Insurance & Real Estate%
Source: The SSL Store Designed by
Very inadequate security practices, weak and shared passwords, plus vulnerabilities in code, exposes hospitals and other business establishments to perpetrators intent on hacking treasure troves of patient and customer data.
8. Formjacking & Cryptojacking Statistics
Formjacking and cryptojacking are relatively new forms of cybercrimes. They have already incurred significant losses and damages. They’re now a very serious threat that Google will be banning all cryptocurrency mining extensions from Chrome.
- 25% of all businesses worldwide have been victimized by cryptojacking in 2018. (CoinCentral)
- On average, formjacking codes compromise around 4,800 websites every month. (Symantec)
- For 2018, cryptojacking incidence rate had increased by a whopping 459% worldwide, mostly involving hackers mining Monero and bitcoin cryptocurrencies. (Cyber Threat Alliance)
- Cryptocurrency prices dropped by almost 90% in 2018 mainly due in part to the increase in cryptojacking. (Symantec)
- By using highly-sophisticated methods, cryptojacking attacks can only be detected around 50% of the time. (BitCoin Magazine)
- The top 10 most profitable cryptomining sites can generate from USD 119 to USD 340 daily. (The Register)
- The first hacker convicted of SIM swapping was recently sentenced to a 10-year prison sentence. (Motherboard)
Cybercriminals will continue with their nefarious ways of coming up with novel and more sophisticated ways of attacking the vulnerabilities of digital systems, including common business software applications. Everyone should proactively protect his or her information at all times.
Plan your cybersecurity business strategy
Cybercrime isn’t going away anytime from now. From all accounts, it’s expected to grow more in number, reach, and sophistication in the years to come. It’s great that your business now has an effective cybersecurity system. To ensure fool-proof protection, an organization should have a culture of safety and cybersecurity excellence. Here are some of the important takeaways of this selection of this year’s cybersecurity statistics:
- The global cybersecurity market will continue to experience substantial growth.
- The new preferred venue of criminals worldwide is the Internet.
- Cybercrime costs and damages are higher versus those of natural calamities.
- Every technological innovation tends to open new opportunities for cybercriminals.
- Cybersecurity jobs will grow more.
- Ransomware has become the hacking method of choice among cybercriminals.
- Hospitals are the most vulnerable among all types of business to cybercrime.
- Cryptojacking is stifling the growth of bitcoin and other cryptocurrencies.
Every business should be aware of the various cyber threats that can impede its operations. With such a stance and knowledge, it will be easier to select the correct cybersecurity solution for your business. With so many threats lurking in numerous places all the time, today, not tomorrow, is the best time to upgrade your cybersecurity system.