By Security Features • April 22, 2019

80 Eye-Opening Cyber Security Statistics for 2019

cyber security statsCyber attacks have never been more prevalent than they will be in 2019 

It’s an interesting and challenging time to be working in the cyber security industry. By and large, research indicates that cybercrime is on the rise — news headlines support these findings as major companies like Marriott, Equifax, Yahoo, and Facebook find themselves in the crosshairs of cyber attacks. Even sacrosanct governmental election processes the world over are not excluded from falling prey to cybercriminals and are a part of the increasing statistics about cyber security and cyber attacks.

In this article, we’ll present you with essential cyber security statistics but also want to take a moment to recognize that this incredibly broad category encompasses many areas of concern for individuals, IT security professionals, and business leaders alike. This range of topics include everything from cyber security vulnerabilities such as unpatched software and expired security certificates to the costs of cyber security attacks to the number of businesses that implement adequate (or inadequate) cybersecurity measures and policies. Cyber security statistics also includes a variety of other topics, but we have neither the time (nor the attention span) to cover all of them in one article. So, we’ll limit it to several categories but will cover other areas in a future article.

So, what numbers have made our list of the 80 top cyber security statistics for 2019? As the saying goes around here: Let’s hash it out.

Cyber security statistics: The cybersecurity industry overall and its economic outlook

While it’s vital to stay abreast of the most recent cyber security attack statistics and information, it’s also important to be aware of general statistics about cyber security as an industry overall, including its economic outlook. Depending on where you stand on the side of the cyber security market, the following statistics paint a positive or bleak outlook for your business concerning industry gender representation, profitability, or the mounting costs of protecting your business, customers, and data:

1 – $1.5 trillion cybercrime economy
The cybercrime economy has grown to enjoy at least $1.5 trillion in profits each year.

2 – 300 billion cybersecurity market
The value of the cyber security market is anticipated to reach $300 billion by 2024, according to a 2019 press release by Global Market Insights, Inc.

3 – $15 billion in cyber security funding
According to the 2019 President’s Budget released by the White House, the U.S. government plans to spend on cybersecurity-related activities this year — a 4.1% increase ($583.4 million) over the 2018 budget. However, according to the budget document, the caveat is that “Due to the sensitive nature of some activities, this amount does not represent the entire cyber budget.”

4 – 9% increase in cyber security spending
Despite data breaches rising at inordinate rates each year, Juniper Research’s Cybercrime & the Internet of Threats 2018 report anticipates cyber security spending will only increase by 9% on average per company, per annum.

5 – Small businesses invest <$500 per year in cyber security products
The average amount small businesses spend on consumer-grade cyber security products each year, according to Juniper Research’s 2018 study. This constituted 13% of the overall cybersecurity market that year.

6 – Women anticipated to make up 20% of the cybersecurity workforce
Cybersecurity Ventures estimates that women will represent 20% of the global cybersecurity workforce by the end of the year, according to a company press release.

7 – 20% of CISOs anticipated to be women in 2019
Women are anticipated to hold 20% of Chief Information Security Officer (CISO) roles in the cybersecurity workforce by the end of the year, according to Forrester’s Cyber Predictions for 2019. This number is up from 13% in 2017.

8 – 49.6 day period between breach discovery and reporting dates
The average number of days between when a data breach was discovered and reported was nearly 50 days in 2018, according to a report from security intelligence vendor Risk Based Security (RBS).

9 – >70% of cryptocurrency transactions for illegal activity
The percentage of all cryptocurrency transactions predicted to be used for illicit activity is anticipated to be 70% by 2021, according to the Cybersecurity Almanac 2019 by Cybersecurity Ventures.

10 – Security breaches up >11%
The percentage by which security breaches have increased over the past year, according to the Ninth Annual Cost of Cybercrime global study by Accenture.

11 – Security breaches increased by 67%
Over the past five years, security breaches have increased by 67%, according to Accenture’s global survey.

12 – SMBs are targeted 43% of the time
SCORE reports that 43% of cyber attacks target small businesses.

13 – Ransomware attacks occur every 14 seconds
The frequency in which Cybersecurity Ventures predicts that a business will fall victim to a ransomware attack this year in its 2019 Official Annual Cybercrime Report (ACR). The company also estimates that number will increase to every 11 seconds by 2021.

Cyber security statistics: The costs of cyber security attacks

The costs and damages that result from unaddressed cyber security vulnerabilities are, by no means, chump change. Cyber security attacks statistics should be an eye-opener for every company — particularly those that operate under the assumption (or with the hope) that a cyber attack will never happen to them. Anyone who thinks that their company — no matter how small or large — is not at risk because they lack cyber security vulnerabilities is fooling themselves. Simply put, as technologies evolve and cyber criminals become more advanced, it is a matter of when, not if cyber security attacks will occur.

Here are some of the cyber security statistics relating to the costs of cybercrime and cyber security attacks:

14 – Cybercrime damages to reach $6 trillion annually
Cybercrime damages are anticipated to cost businesses and organizations $6 trillion annually by 2021, according to the 2019 ACR from Cybersecurity Ventures. This number, which is up from the company’s 2015 estimate of $3 trillion in cybercrime damages annually, “represents the greatest transfer of economic wealth in history, risks the incentives for innovation and investment, and will be more profitable than the global trade of all major illegal drugs combined.”

15 – Ransomware damage estimated to reach $20 billion globally
The Cybersecurity Ventures annual crime report indicates that the same costs will reach $11.5 billion annually this year and $20 billion per year by 2021. Unsurprisingly, this type of year-over-year increase in anticipated damages makes ransomware the fastest-growing type of cybercrime in the past year.

16 – Cybercrime costs organizations $13 million per year
The average cost of cybercrime for an organization is estimated to be $13 million per year, according to Accenture’s global study.

17 – $1 cybercrime tools and kits
Cybercrime tools and kits can be purchased for as little as $1 on the Dark Web and online marketplaces, according to the Cybersecurity Almanac 2019 by Cybersecurity Ventures.

Cyber security statistics: Victim data and compromised records — by the numbers

When we’re talking about victims of cyber security attacks[, we’re referring to individuals, companies, and other organizations that are targeted or victimized in some way. The goal for cyber criminals is often to acquire information — personal information, names, addresses, financial and other account information, passwords, trade secrets, intellectual property, etc. — that can be used, traded, or sold on the Dark Web. They accomplish these goals through a variety of methods such as phishing and spear phishing emails, URL hijacking, structured query language (SQL) injections, and man-in-the-middle (MitM) attacks, as well as a litany of other methods.

In some cases, the goal is purely financial — they seek to manipulate and trick targeted employees into making large wire transfers to fraudulent accounts through business email compromise (BEC) and CEO fraud attack tactics. Why should the modern criminal go through the hassle of trying to rob a bank the old-fashioned way when they can get the employees at virtually any company to fork over thousands or even millions of dollars to them unwittingly?

Here is a glimpse of top cyber security threat statistics and cyber attack information relating to compromised victims and records:

18 – USA is No. 1
While this is something many Americans are usually proud to chant, in this case, it’s not necessarily a positive attribute. The United States holds first place in the ranks of the top countries that are targeted cyber security attacks, according to Norton Security.

19 – 12 Breaches Results in +100 million exposed sensitive records
All it took was 12 data breaches to expose 100 million (or more) sensitive records in 2018, according to RBS’s report. These 12 breaches accounted for nearly three-quarters of all records exposed that year.

20 – 60% of Americans exposed to fraud schemes
Sixty percent of Americans report they or an immediate family member have been victims of a scheme to defraud, according to research from The Harris Poll and the American Institute of CPAs (AICPA).

Continue reading Casey Crane's, 80 Eye-Opening Cyber Security Statistics for 2019