100 Latest Cybersecurity Statistics & Facts for 2023


The world is increasingly more connected, causing many good and bad things. These interesting cybersecurity statistics & facts tell how we should all care about staying safe online.

2022 Cybersecurity Statistics & Facts

  1. Human error causes 95% of cybersecurity breaches. (WEF)
  2. Security attacks grew by 31% from 2020 to 2021. (Accenture)
  3. Approximately 26% of all web traffic is bad bot traffic. (Imperva)
  4. Over 18 million websites are infected with malware every week. (Purplesec)
  5. Since 2001, the online victim count has increased 17 times, from six victims every hour to 97. (Surfshark)
  6. Every second, 95 user logins are stolen. (Thycotic)
  7. 21% of all files are completely unprotected. (Varonis)
  8. 70% of breaches in 2021 were financially motivated. (Verizon)
  9. The average time it took to identify a breach in 2021 was 212 days. (IBM)
  10. “123456” is still the most common password around the world, along with passwords like “password” and “qwerty”. (CNN)
  11. Cybercrime rates tend to go in tandem with major global events; the year after the Great Recession, financial losses to cybercrime increased by 115%, and the first year of the COVID-19 pandemic saw the victim count growing by 69%. (Surfshark)
  12. In the first month of the COVID-19 pandemic, Google blocked an astounding 18 million daily malware and phishing emails related to the coronavirus. (Google)
  13. Remote workers caused a security breach in 20% of companies during the pandemic. (Malwarebytes)
  14. Only 5% of companies’ folders are adequately protected. (Varonis)
  15. 42% of companies feel ‘cyber fatigue’ against defending against constant cyberattacks. (Cisco)
  16. 15% of organisations have over 1 million files accessible to all employees. (Varonis)
  17. 31% of consumers think their experience with organisations improved after the introduction of GDPR. (Marketing Week)
  18. 90% of the world’s predicted population of 7.5 billion is expected to be online by 2030, with an estimated 24.1 billion to 125 billion Internet of Things devices connected. (ITU)

Cybersecurity Threats: Malware, Phishing, DDoS

  1. In 2021, approximately 40% of breaches featured phishing, 11% malware and 22% hacking. (Verizon)
  2. 43% of all data breaches are insider threats, intentional or unintentional. (Check Point)
  3. A quarter of ransomware attacks target the manufacturing industry, 17% professional services, and 13% government organisations. (Security Intelligence)
  4. During the pandemic, confirmed data breaches in the healthcare industry grew by 58%. (Verizon)
  5. On average, companies dealt with 22 security breaches in 2020. (Tech Jury)
  6. In February 2022, experts recognised 8.77 million new malware, slightly less than in January. (AV-Test)
  7. Identity theft increased by 42% in 2020 compared to 2019. (Insurance Information Institute)
  8. 94% of malware comes through email. (Verizon)
  9. 48% of malicious email attachments are Microsoft Office files. (Symantec)
  10. Small companies (one to 250 employees) have the highest targeted malicious email rate at one in 323. (Symantec)
  11. The global average email breach density is 16.5 leaked emails per 100 Internet users. (Surfshark)
  12. In 6% of all analysed countries, email breach rates are higher than 50%. (Surfshark)
  13. Over 80% of reported security incidents are phishing attacks. (CSO Online)
  14. 57% of companies see weekly or daily phishing attempts. (GreatHorn)
  15. 65% of cybercriminals use spear-phishing as the primary infection vector. (Symantec)
  16. 90% of remote code execution attacks link to crypto mining. (Purplesec)
  17. A company falls victim to a ransomware attack every 11 seconds. (Cybersecurity Ventures)
  18. In 2019, 93.6% of malware was polymorphic, which means it can constantly change code to evade detection (Webroot Threat Report)
  19. Three out of four organisations have been victims of a ransomware attack, up by 61% in two years. (Mimecast)
  20. The first reported death due to a ransomware-led IT failure occurred in Germany in 2020. (Enterprise Apps Today)
  21. 32% of companies experience wrong users having privileged access, and 25% have problems with unauthorised users. (Purplesec)
  22. DDoS attacks are 39% more relevant in 2021 than in 2020. (Enterprise Apps Today)
  23. The app stores block over 24,000 malicious mobile apps daily. (Symantec)
  24. Over 300,000 Android users have downloaded banking trojan apps from Google Play Store. (Threat Fabric)

Global Cybersecurity Statistics

  1. In an ITU study, 133 countries have protection and privacy laws, 15 are currently drafting legislation, and 46 have no regulation. (ITU)
  2. Countries without data legislation are mainly in the Asia Pacific (18 countries), The Americas (11 countries) and Africa (11 countries). (ITU)
  3. 30% of data breaches in the US involve internal actors, compared to 17% in the Asia Pacific region and 13% in Europe, the Middle East and Africa. (Verizon)
  4. North America has the highest email breach rates, with 1 in 2 users. (Surfshark)
  5. The likelihood that a cybercrime entity is detected and prosecuted in the US is only 0.05%. (WEF)
  6. 64% of Americans have never checked if they’ve been affected by a data breach. (Varonis)
  7. Just 1 in 5 Americans updates their passwords after data breaches are exposed. (Varonis)
  8. Only 10% of cybercrimes in the US are reported. (CPO Magazine)
  9. 58% of nation-state cyberattacks originate from Russia. (Microsoft)
  10. The UK topped the cybercrime density list for email breaches in 2021, with a 40% increase to 2020. (Surfshark)
  11. In 2022, 39% of UK businesses identified a cyber attack. (UK Government)
  12. 83% of UK businesses said phishing attempts were the most common threat vector. (UK Government)
  13. 56% of UK businesses said they have a policy not to pay ransoms. (UK Government)
  14. Six Chinese companies own 30% of the world’s VPNs. (VPNpro)
  15. Africa has the lowest breached email rates, with just four breached accounts per 100 internet users. (Surfshark)
  16. The Asia Pacific region experiences a 168% rise in cyberattacks from May 2020 to May 2021. (The Check Point Research)
  17. The most significant increases in cyberattacks in the APAC region were in Japan 40%, Singapore (30%), Indonesia (25%) and Malaysia (22%). (The Check Point Research)
  18. While 83% of organisations in the Asia Pacific had a ransomware breach in the past five years, only 32% publicly disclosed its occurrence. (ExtraHop)
  19. 39% of IT decision-makers in the Asia Pacific have confidence in their organisation’s ability to mitigate or prevent cyberattacks. (ExtraHop)
  20. 20% of organisations in the Asia Pacific admitted they wouldn’t share if they were breached. (ExtraHop)
  21. 26% of teams in the Asia Pacific say they could enact mitigations in under a day, 39% within three days, 21% within a week and 8% within a month. (ExtraHop)
  22. Out of 54 African countries assessed, only 29 had cybersecurity legislation in 2021. (World Economic Forum)
  23. 52% of African companies feel unprepared to handle large-scale cyberattacks. (WEF)
  24. Over 90% of African businesses operate without the necessary cybersecurity protocols. (Interpol)
  25. More than 61% of African companies had a ransomware incident in 2020. (Lumu)
  26. Africa loses $4 billion annually to cybercrime. (Techcabal)
  27. 58% of Middle Eastern organisations expect to increase cyber spending in 2022. (PwC)
  28. In 2021, cyberattacks increased by 71% in the UAE, compared to 50% globally. (MEI)
  29. 84% of UAE companies paid a ransom for ransomware attacks, and out of the companies that paid, 90% had a second ransomware attack, and 59% found the data corrupted. (Cybereason)

The Cost of Cybersecurity

  1. Information loss is the most expensive component of a cyberattack, costing an average of $5.9 million. (Accenture)
  2. Financial breaches account for 10% of all attacks. (Verizon)
  3. Phishing victims lose the least amount of money on average, with $136 per victim, while victims of investment fraud lose the most at $70,811 on average. (Surfshark)
  4. The US witnesses the most expensive data breaches in the world, with an average of $4.24 million per attack. (IBM)
  5. Security breaches in the US cost an average of $9.05 million, while in the Middle East, they are $6.93 million, the second highest. (IBM)
  6. Total damages from cybercrime have a bigger economic impact than the GDP of all but two countries: the US and China. (Cybersecurity Ventures)
  7. Companies lose an average of $188,400 annually to cybercrime. (Insurance Information Institute)
  8. Small businesses spend less than $500 on cybersecurity. (Juniper Research)
  9. The average ransomware payment was $570,000 in 2021, increasing by 518% from the previous year. (GRC World Forums)
  10. In 2021, GDPR fines totalled $1.2 billion in 2021. (CNBC)
  11. 88% spent over $1 million preparing for the GDPR. (IT Governance)
  12. The healthcare industry lost around $21 billion to ransomware attacks in 2020. (Comparitech)
  13. The cyber insurance market is predicted to be worth $20 billion by 2025. (Allianz Global Corporate & Specialty)
  14. A basic malware toolkit can cost as little as $1 to acquire. (Fortune)
  15. Hackers are sometimes paid up to $500,000 by companies to test their cybersecurity systems. (CNBC)
  16. The average data miner earns less than $6 daily, but hackers can make over $166,000 on a single hack. (Crowdstrike)

Cybersecurity Professionals

  1. Over 77% of companies don’t currently have an incident response plan. (Cybint)
  2. 45% of SMEs say their processes are ineffective at mitigating attacks. (Ponemon Institute)
  3. 92% of an organisation’s IT environment is somewhat in the cloud. (Purplesec)
  4. 54% of companies say their IT departments aren’t adequate to deal with advanced cyberattacks. (Sophos)
  5. 69% of organisations think their antivirus software is useless against current cyber threats. (Ponemon Institute)
  6. Six in 10 security operations professionals believe only half of their cybersecurity applicants are qualified. (Cyberbit)
  7. The demand for data protection officers has increased by more than 700% because of GDPR since 2016. (Cybercrime Magazine)
  8. 2% of cybersecurity specialists are men, and 16.8% are female. (Zippia)
  9. 28% of enterprises think security is the most important feature when picking a cloud vendor. (Purplesec)
  10. 44% of surveyed executives say their growing use of partners and suppliers exposes them to more security risks, with 30% admitting their budgets aren’t sufficient to mitigate risks. (ThoughtLab)
  11. Security as a Service will represent more than 50% of the security software delivery. (Gartner)
  12. Cybersecurity job postings have increased by 74% over the past five years. (Cybint)
  13. Globally, there will be an estimated 3.5 million unfilled cybersecurity positions by 2025. (Cybersecurity Ventures)

How useful was this post?

Click on a star to rate it!

Average rating 0 / 5. Vote count: 0

No votes so far! Be the first to rate this post.

Scroll to Top