Email Encryption Statistics 2024 – Everything You Need to Know

• Bill / invoice 15.9% Email delivery failure 15.3% Legal / law enforcement 13.2% Scanned document 11.5% Package delivery. ^[3]
• 7% bill / invoice 3% email delivery failure notice 4% package delivery. ^[3]
• Human error and system failure account for 52% of data security breaches. ^[5]

Email Encryption Adoption Statistics

• The increasing adoption of cloudbased platforms is still leaving cybersecurity professionals playing catch up 93% of companies deal with rogue cloud apps usage. ^[0]

Email Encryption Latest Statistics

• One of the main data that points to email as the main vector of threats and cyber attacks comes from the Verizon report 94% of security incidents with malware occur through the use of malicious e. ^[6]
• Phishing incidents increased by 110%, from 114,702 incidents in 2019 to 241,324 incidents in 2020. ^[6]
• About 80% of the worldwide email traffic is spam. ^[6]
• 91% of cyber attacks come from email. ^[6]
• Social engineering attacks, including phishing, are linked to about 22% of cases of breaches. ^[6]
• 65% of cybercriminal groups use spear phishing as the primary vector of infection. ^[6]
• Phishing is involved in 78% of cyber espionage incidents. ^[6]
• 48% of malicious files used in email phishing scams are Office files. ^[6]
• Attacks using Office files increased by 67% in 2020, to about 1 in 4, while attacks using PDF decreased by 22%, to 1 in 10. ^[6]
• Phishing attacks grew by 250%. ^[6]
• 54% of IT and security leaders reported an increase in phishing attacks since the beginning of the COVID. ^[6]
• Toyota Boshoku Corporation, an auto parts supplier, suffered an estimated loss of USD 37 million in 2019 due to a social engineering and BEC attack. ^[6]
• Outbound email encryption 79% DayOutbound emails Jan 29, 202480%. ^[7]
• Jan 31, 202490% Feb 1, 202489% Feb 2, 202490% Feb 3, 202490%. ^[7]
• Feb 5, 202483% Feb 6, 202484% Feb 7, 202491%. ^[7]
• Feb 10, 202491% Feb 11, 202490%. ^[7]
• Feb 12, 202484% Feb 13, 202486%. ^[7]
• Feb 17, 202491% Feb 18, 202489%. ^[7]
• Feb 24, 202491% Feb 25, 202490%. ^[7]
• Feb 26, 202485% Feb 27, 202486%. ^[7]
• Feb 28, 202492% Mar 1, 202491% Mar 2, 202492% Mar 3, 202491% Mar 4, 202490%. ^[7]
• Mar 5, 202486% Mar 6, 202487% Mar 7, 202492% Mar 8, 202492%. ^[7]
• Mar 9, 202492% Mar 10, 202492% Mar 11, 202491% Mar 12, 202486% Mar 13, 202487% Mar 14, 202492% Mar 15, 202492% Mar 16, 202491% Mar 17, 202490%. ^[7]
• Mar 18, 202490% Mar 19, 202484% Mar 20, 202485%. ^[7]
• Mar 22, 202491% Mar 23, 202490%. ^[7]
• Mar 24, 202490% Mar 25, 202490% Mar 26, 202484%. ^[7]
• Mar 27, 202485% Mar 30, 202491% Mar 31, 202491%. ^[7]
• Apr 2, 202485% Apr 3, 202486%. ^[7]
• Apr 5, 202491% Apr 6, 202491%. ^[7]
• Apr 7, 202491% Apr 8, 202490%. ^[7]
• Apr 10, 202485% Apr 11, 202491%. ^[7]
• Apr 14, 202488% Apr 15, 202484%. ^[7]
• Apr 16, 202478% Apr 17, 202479% Apr 18, 202488%. ^[7]
• Apr 20, 202489% Apr 21, 202488%. ^[7]
• Apr 22, 202487% Apr 23, 202479%. ^[7]
• DayInbound emails Jan 29, 202488% Jan 30, 202488%. ^[7]
• Jan 31, 202488% Feb 1, 202491% Feb 2, 202492%. ^[7]
• Feb 4, 202491% Feb 5, 202490%. ^[7]
• Feb 6, 202490% Feb 7, 202490%. ^[7]
• Feb 12, 202491% Feb 13, 202490%. ^[7]
• Feb 14, 202491% Feb 15, 202491%. ^[7]
• Feb 19, 202490% Feb 20, 202490% Feb 21, 202490%. ^[7]
• Feb 27, 202489% Feb 28, 202490% Mar 1, 202490% Mar 2, 202490%. ^[7]
• Mar 21, 202488% Mar 22, 202488% Mar 23, 202488% Mar 24, 202488% Mar 25, 202488% Mar 26, 202487% Mar 27, 202487% Mar 30, 202488% Mar 31, 202488%. ^[7]
• Apr 2, 202487% Apr 3, 202487% Apr 4, 202488%. ^[7]
• Apr 5, 202487% Apr 6, 202487% Apr 7, 202488%. ^[7]
• Apr 8, 202488% Apr 9, 202486%. ^[7]
• Apr 10, 202486% Apr 11, 202486%. ^[7]
• Apr 12, 202486% Apr 13, 202487%. ^[7]
• Apr 14, 202487% Apr 15, 202486%. ^[7]
• Apr 17, 202485% Apr 18, 202485% Apr 19, 202486%. ^[7]
• Apr 20, 202486% Apr 21, 202487%. ^[7]
• Apr 22, 202487% Apr 23, 202485%. ^[7]
• 92% of malware is delivered by email. ^[3]
• Mobile malware on the rise with the number of new malware variants for mobile increased by 54% in 2018. ^[3]
• Third party app stores host 99.9% of discovered mobile malware. ^[3]
• 98% of mobile malware target Android devices. ^[3]
• Over the last year, MacOS malware has increased by 165%. ^[3]
• Malware development rates for Windows decreased by 11.6% since reaching an all time high in 2015. ^[3]
• Malware is still the preferred distribution model, used 71.14% of the time over the last 12 months, while PUAs were only used in 28.86% of instances. ^[3]
• Gamut spambot was the most frequently used, with over 86% of all spambot cases involving its use. ^[3]
• Over the last year, 36% of these servers were hosted in America, while 24% were hosted in undefined countries. ^[3]
• Trojans make up 51.45% of all malware. ^[3]
• 230,000 new malware samples are produced every day and this is predicted to only keep growing. ^[3]
• Overall business detections of malware rose 79% from 2017 due to an increase in backdoors, miners, spyware, and information stealers. ^[3]
• 34% of businesses hit with malware took a week or more to regain access to their data. ^[3]
• 90% of financial institutions reported being targeted by malware in 2018. ^[3]
• Ransomware attacks worldwide rose 350% in 2018. ^[3]
• Ransomware attacks are estimated to cost $6 trillion annually by 2021. ^[3]
• 50% of a surveyed 582 information security professionals do not believe their organization is prepared to repel a ransomware attack. ^[3]
• 81% of cyber security experts believe there will be more ransomware attacks than ever in 2019. ^[3]
• 75% of companies infected with ransomware were running upto. ^[3]
• FedEx lost an estimated $300 million in Q1 2017 from the NotPetya ransomware attack. ^[3]
• 25% of business executives would be willing to pay between $20,000 and $50,000 to regain access to encrypted data 30% of organizations who pay the ransom receive all of their money back. ^[3]
• 40% of ransomware victims paid the ransom. ^[3]
• More than 50% of ransoms were paid by bitcoin in 2018. ^[3]
• 10% of all ransom demands are over $5,000. ^[3]
• Of the 1,100 IT professionals surveyed, 90% had clients that suffered ransomware attacks in the past year. ^[3]
• 40% had clients that were subject to at least 6 ransomware attacks. ^[3]
• In 2019 ransomware from phishing emails increased 109% over 2017. ^[3]
• 25% of businesses are estimated to have been victims of cryptojacking. ^[3]
• 25% of the WordPress plugins among Alexa’s most popular sites are flagged with critical vulnerabilities that could allow mining botnets in. ^[3]
• 43% of the IT professionals said they had been targeted by social engineering schemes in the last year. ^[3]
• New employees are the most susceptible to socially engineered attacks, with 60% of IT professionals citing recent hires as being at high risk. ^[3]
• 21% of current or former employees use social engineering to gain a financial advantage, for revenge, out of curiosity or for fun. ^[3]
• Social engineering attempts spiked more than 500% from the first to second quarter of 2018. ^[3]
• Social media 2.5 billion records, or 56% Government 1.2 billion records, or 27%. ^[3]
• 56% of IT decision makers say targeted phishing attacks are their top security threat. ^[3]
• 83% of global infosec respondents experienced phishing attacks in 2018, an increase from 76% in 2017. ^[3]
• 30% of phishing messages get opened by targeted users and 12% of those users click on the malicious attachment or link. ^[3]
• Only 3% of targeted users report malicious emails to management. ^[3]
• 53% of IT and security professionals say they have experienced a targeted phishing attack in 2017. ^[3]
• Credential compromise rose 70% over 2017, and they’ve soared 280% since 2016. ^[3]
• 50% of phishing sites now using HTTPS. ^[3]
• The most common malicious attachment types Office 38% Archive 37% PDF. ^[3]
• The volume of email fraud that organizations receive has increased 8% yearover. ^[3]
• 66% of malware is installed via malicious email attachments. ^[3]
• 49% of nonpointof sale malware was installed via malicious email. ^[3]
• 21% of ransomware involved social actions, such as phishing. ^[3]
• 30% of phishing messages were opened in 2016 – up from 23% in the 2015 report. ^[3]
• In 2017, cyber crime costs accelerated with organizations spending nearly 23% more than 2016 on average about $11.7 million. ^[3]
• From 2016 to 2017 there was a 22.7 % increase in cyber security costs. ^[3]
• The average global cost of cyber crime increased by over 27% in 2017. ^[3]
• The most expensive component of a cyber attack is information loss, which represents 43% of costs. ^[3]
• The root causes of data breaches for small businesses broke out as following Negligent employee or contractor 48%. ^[3]
• Third party mistakes 41% Error in system or operating process. ^[3]
• Don’t know External attacks 27%. ^[3]
• Other 2% 95% of breached records came from three industries in 2016. ^[3]
• Recent data breach statistics found that 63% of successful attacks come from internal sources, either control, errors, or fraud. ^[3]
• 33% of data breaches involved social engineering. ^[3]
• 43% of data breaches involved small businesses. ^[3]
• Targeted emails, or spear phishing, is reported by businesses to be used in 91% of successful data breaches and 95% of all enterprise networks. ^[3]
• 29.6% of companies will experience a data breach in the next two years. ^[3]
• The average cost of lost business for organizations in the 2019 study was $1.42 million, which represents 36 percent of the total average cost. ^[3]
• Breaches caused a customer turnover of 3.9% in 2019. ^[3]
• 36% of breaches were in the medical or healthcare industry in 2019. ^[3]
• 69% of those in the healthcare industry believe they are at great risk for a data breach than other industries. ^[3]
• Banks were the target 47% of financial data breaches. ^[3]
• Share prices fall 7.27% on average, and underperform the NASDAQ by. ^[3]
• 21% of all files are not protected in any way. ^[3]
• 41% of companies have over 1,000 sensitive files including credit card numbers and health records left unprotected. ^[3]
• 70% of organizations say that they believe their security risk increased significantly in 2017. ^[3]
• 50% of the security risk that organizations face stems from having multiple security vendors and products. ^[3]
• 65% of companies have over 500 users who never are never prompted to change their passwords. ^[3]
• Ransomware attacks are growing more than 350% annually. ^[3]
• IoT attacks were up 600% in 2017. ^[3]
• 61 percent of breach victims in 2017 were businesses with under 1,000 employees. ^[3]
• 2017 represented an 80% increase in new malware on Mac computers. ^[3]
• In 2017 there was a 13% overall increase in reported system vulnerabilities. ^[3]
• 2017 brought a 29% Increase in industrial control system–related vulnerabilities. ^[3]
• Coin mining represented the biggest growth area in cybercrime in 2017, with antivirus detections up 8,500% 90% of remote code execution attacks are associated with crypto mining. ^[3]
• 61% of organizations have experienced an IoT security incident. ^[3]
• 77% of compromised attacks in 2017 were fileless. ^[3]
• 69% of companies see compliance mandates driving spending. ^[3]
• 88% of companies spent more than $1 million on preparing for the GDPR. ^[3]
• 25% of organizations have a standalone security department. ^[3]
• 54% of companies experienced an industrial control system security incident. ^[3]
• Cyber criminals will steal an estimated 33 billion records in 2024. ^[3]
• In 2017 there were over 130 large scale, targeted breaches in the U.S. per year, and that number is growing by 27% per year. ^[3]
• 31% of organizations have experienced cyber attacks on operational technology infrastructure. ^[3]
• U.S. government to spend $15 billion on cyber security related activities in 2019 up 4% over the previous year. ^[3]
• 43% of cyber attacks target small business. ^[3]
• 47% of small businesses had at lease on cyber attack in the past year, 44% of those had two to four attacks. ^[3]
• 70% of small businesses are unprepared to deal with a cyber attack. ^[3]
• 66% of small business are very concerned about cyber security risk. ^[3]
• 85% of small businesses plan to increase spending on managed security services. ^[3]
• 51% of small businesses say they are not allocating any budget to cyber security. ^[3]
• 58% of malware attack victims are categorized as small businesses. ^[3]
• Ransomware damage costs alone are on track to hit $11.5 billion in 2019, at which point it’s estimated that small businesses will fall victim to a ransomware attack every 14 seconds. ^[3]
• 4% of malware sent to small businesses is delivered via email. ^[3]
• 1.1% legal/law enforcement message 0.3% scanned document. ^[3]
• 60% of small businesses say attacks are becoming more severe and more sophisticated. ^[3]
• Only 14% of small businesses rate their ability to mitigate cyber risks, vulnerabilities and attacks as highly effective. ^[3]
• 60% of small companies go out of business within six months of a cyber attack. ^[3]
• 48% of data security breaches are caused by acts of malicious intent. ^[3]
• Small businesses are most concerned about the security of customer data Consumer records 66% Intellectual property 49% Customer credit or debit card information 46%. ^[3]
• Employee records 8% Business correspondence 5%. ^[3]
• The types of cyber attacks on small businesses broke out as following Web. ^[3]
• Phishing / social engineering 43% General malware 35% SQL injection 26%. ^[3]
• Denial of services 21% Advance malware / zero day attacks 14%. ^[3]
• Malicious insider 13% Cross. ^[3]
• Other 1% 68% store email addresses 64% store phone numbers. ^[3]
• 69% of small businesses do not strictly enforce password policies. ^[3]
• 16% of small businesses say they had only reviewed their cyber security posture after they were hit by an attack. ^[3]
• Only 16% of small business are very confident in their cyber security readiness. ^[3]
• Strategy – 52% of small business have a clearly defined strategy around cyber security. ^[3]
• Accountability – 23% of small businesses have a leadership role dedicated to cyber, whereas 46% have no defined role at all. ^[3]
• Willingness to respond – 65% of small businesses have failed to act following a cyber security incident. ^[3]
• Training – 32% of small businesses have conducted phishing experiments to assess employee behavior and readiness in the event of an attack. ^[3]
• Insurance – 21% of small businesses have a standalone cyber insurance policy, compared to 58% of large companies. ^[3]
• 67% of financial institutions reported an increase in cyber attacks over the past year. ^[3]
• 26% of financial enterprises faced a destructive attack. ^[3]
• 79% of financial CISOs said threat actors are deploying more sophisticated attacks. ^[3]
• 21% suffered a watering hole attack in the last year. ^[3]
• 32% of financial institutions encountered island hopping, is leveraging one compromised organization to gain entry into another. ^[3]
• 25% of all malware attacks hit banks and other financial industries, more than any other industry Credit card compromised increased by 212% year over year, credential leaks experienced a similar increase of 129%, and malicious apps increased by 102%. ^[3]
• 47% of financial institutions reported an increase in wire transfer fraud. ^[3]
• 31% of financial institutions reported an increase in home equity loan fraud. ^[3]
• 79% of financial institutions said cybercriminals have become more sophisticated, leveraging highly targeted social engineering attacks. ^[3]
• 32% of financial institutions reported experiencing counter incident response. ^[3]
• 21% of financial institutions reported experiencing C2 on a sleep cycle. ^[3]
• 70% of financial institutions said they are most concerned about financially motivated attackers. ^[3]
• 30% of financial institutions said they are most concerned with nation. ^[3]
• Global attack types and sources on financial sectors Web attacks – 46% Service specific attacks – 28% DoS/DDoS 8%. ^[3]
• 69% of financial institution CISOs are planning to increase cyber security spending by 10% or more in 2019. ^[3]
• 47% of financial institution CISOs said their organizations are operating threat hunt teams. ^[3]
• 32% of financial institution CISOs said they conduct threat hunts on a monthly basis. ^[3]
• 70% of cyber crimes targeting surveyed financial institutions involve lateral movement. ^[3]
• 16% of healthcare providers report having “fully functional” security programs. ^[3]
• 43% admitted that they are either still developing security programs or have not developed one. ^[3]
• 93% of healthcare organizations are currently using some form of cloud services. ^[3]
• 63% plan to use multiple cloud vendors. ^[3]
• 20% of healthcare domain emails were fraudulent in 2017. ^[3]
• 82% of surveyed healthcare organizations say that security is a top concern. ^[3]
• 89% of healthcare organization had patient data lost or stolen in the past two years. ^[3]
• 54% of healthcare business associates say their top vulnerability is tied to employee negligence in handling patient information. ^[3]
• 81 percent of healthcare cyber security incidents are rooted in employee negligence. ^[3]
• 69% of healthcare organizations site negligent or careless employees as their top worry for security incidents, followed by cyber attacks (45%) and insecure mobile devices (30%). ^[3]
• The healthcare industry was the victim of 88%of all ransomware attacks in US industries in 2016. ^[3]
• 94% are now using some form of advanced technology to protect sensitive data. ^[3]
• 25% healthcare organizations using the public cloud report that they are not encrypting patient data. ^[3]
• 41% of higher education cyber security incidents and breaches were caused by social engineering attacks. ^[3]
• 43% have had student data attacked, including dissertation materials and exam results. ^[3]
• 25% have experienced critical intellectual property theft. ^[3]
• 28% have had grant holder research data attacked. ^[3]
• 87% have experienced at least one successful cyber attack. ^[3]
• 83% believe cyber attacks are increasing in frequency and sophistication. ^[3]
• 79% universities have experienced damage to reputation and almost 74% have had to halt a valuable research project as a result of a cyber attack. ^[3]
• 77% also say a cyber breach has the potential to impact national security, due to the potentially sensitive nature of the information which could been compromised. ^[3]
• 64% don’t believe their existing IT infrastructure will protect them against cyber attacks in next 12. ^[3]
• 27% see the current security of their data center as ‘inadequate’ and in urgent need of updating. ^[3]
• 85% of universities agree that more funding must be given to IT security to protect critical research IP. ^[3]
• On average, 30% of users in the education industry have fallen for phishing emails. ^[3]
• The education sector accounted for 13% of all data security breaches during the first half of 2017, resulting in the compromise of some 32 million personal records. ^[3]
• According to the official information, 31 terabytes of “valuable intellectual property and data” was exposed. ^[3]
• Nearly 98% of all cyber attacks rely on some form of social engineering to deliver a payload such as malware. ^[3]
• Therefore, threat actors distribute malware via email approximately 92% of the time. ^[3]
• 62% of businesses experienced phishing and social engineering attacks in 2018 with a new organization falling victim to ransomware every 14 seconds in 2019. ^[3]
• The total number of spear phishing campaigns targeting employees increased by 55%, which makes up 71% of all targeted attack on businesses. ^[3]
• Given the rise in phishing attacks it is estimated that 90% of incidences and breaches included a phishing element in 2019. ^[3]
• According to Cybint, 95% of cybersecurity breaches are caused by human error. ^[1]
• 95% of cybersecurity breaches are caused by human error. ^[1]
• 88% of organizations worldwide experienced spear phishing attempts in 2019. ^[1]
• 68% of business leaders feel their cybersecurity risks are increasing. ^[1]
• On average, only 5% of companies’ folders are properly protected. ^[1]
• 86% of breaches were financially motivated and 10% were motivated by espionage. ^[1]
• 45% of breaches featured hacking, 17% involved malware and 22% involved phishing. ^[1]
• and .dot which make up 37%, the next highest is .exe. ^[1]
• An estimated 300 billion passwords are used by humans and machines worldwide. ^[1]
• Personal data was involved in 58% of breaches in 2020. ^[1]
• Security breaches have increased by 11% since 2018 and 67% since 2014. ^[1]
• 64% of Americans have never checked to see if they were affected by a data breach. ^[1]
• 56% of Americans don’t know what steps to take in the event of a data breach. ^[1]
• The average ransomware payment rose 33% in 2020 over 2019, to $111,605. ^[1]
• 94% of malware is delivered by email. ^[1]
• 48% of malicious email attachments are office files. ^[1]
• Ransomware detections have been more dominant in countries with higher numbers of internet connected populations, and the U.S. ranks highest with 18.2% of all ransomware attacks. ^[1]
• Most malicious domains, about 60%, are associated with spam campaigns. ^[1]
• About 20% of malicious domains are very new and used around one week after they are registered. ^[1]
• 65% of groups used spear phishing as the primary infection vector. ^[1]
• Phishing attacks account for more than 80% of reported security incidents. ^[1]
• 30% of data breaches involve internal actors. ^[1]
• 90% of remote code execution attacks are associated with cryptomining. ^[1]
• 66% of companies see compliance mandates driving spending. ^[1]
• 15% of companies found 1,000,000+ files open to every employee. ^[1]
• 17% of all sensitive files are accessible to all employees. ^[1]
• About 60% of companies have over 500 accounts with non. ^[1]
• More than 77% of organizations do not have an incident response plan. ^[1]
• Companies reportedly spent $9 billion on preparing for the GDPR and, in 2018, legal advice and teams cost UK FTSE 350 companies about 40% of their GDPR budget or $2.4 million. ^[1]
• 88% of companies spent more than $1 million on preparing for the GDPR. ^[1]
• Since the GDPR was enacted, 31% of consumers feel their overall experience with companies has improved. ^[1]
• By 2019, only 59% of companies believed they were GDPR compliant. ^[1]
• 70% of companies agree that the systems they put in place will not scale as new GDPR regulations emerge. ^[1]
• The healthcare industry lost an estimated $25 billion to ransomware attacks in 2019. ^[1]
• More than 93% of healthcare organizations experienced a data breach in the past three years. ^[1]
• 15% of breaches involved healthcare organizations, 10% in the financial industry and 16% in the public Sector. ^[1]
• Trojan horse virus Ramnit largely affected the financial sector in 2017, accounting for 53% of attacks. ^[1]
• Financial and manufacturing services have the highest percent of exposed sensitive files at 21%. ^[1]
• Manufacturing companies account for nearly a quarter of all ransomware attacks, followed by the professional services with 17% of attacks, and then government organizations with 13% of attacks. ^[1]
• The U.S. government allocated an estimated $18.78 billion for cybersecurity spending in 2021. ^[1]
• Lifestyle (15%) and entertainment (7%). ^[1]
• Supply chain attacks were up 78% in 2019. ^[1]
• Security services accounted for an estimated 50% of cybersecurity budgets in 2020. ^[1]
• The total cost of cybercrime for each company increased by 12% from $11.7 million in 2017 to $13.0 million in 2018. ^[1]
• In 2019 over 2020, Scandinavia saw the largest increase in total cost of data breaches at 12%, while South Africa saw the largest decrease at 7.4%. ^[1]
• 50% of large enterprises are spending $1 million or more annually on security, with 43% spending $250,000 to $999,999, and just 7% spending under $250,000. ^[1]
• More than 70 percent of security executives believe that their budgets for fiscal year 2021 will shrink. ^[1]
• Since the pandemic began, the FBI reported a 300% increase in reported cybercrimes. ^[1]
• 27% of COVID. ^[1]
• target banks or healthcare organizations and COVID 19 is credited for a 238% rise in cyberattacks on banks in 2020. ^[1]
• Confirmed data breaches in the healthcare industry increased by 58% in 2020. ^[1]
• 52% of legal and compliance leaders are concerned about thirdparty cyber risks due to remote work since COVID. ^[1]
• 47% of employees cited distraction as the reason for falling for a phishing scam while working from home. ^[1]
• 81% of cybersecurity professionals have reported their job function changed during the pandemic. ^[1]
• Cloud based cyber attacks rose 630% between January and April 2020. ^[1]
• Remote workers have caused a security breach in 20% of organizations. ^[1]
• 27% of COVID19 cyberattacks target banks or healthcare organizations and COVID 19 is credited for a 238% rise in cyberattacks on banks in 2020. ^[1]
• Confirmed data breaches in the healthcare industry increased by 58% in 2020. ^[1]
• 61% of companies think their cybersecurity applicants aren’t qualified. ^[1]
• 70% of cybersecurity professionals claim their organization is impacted by the cybersecurity skills shortage. ^[1]
• Since 2016, the demand for Data Protection Officers has skyrocketed and risen over 700%, due to the GDPR demands. ^[1]
• 61% of cybersecurity professionals aren’t satisfied with their current job. ^[1]
• There was a 350 percent growth in open cybersecurity positions from 2013 to 2021. ^[1]
• 40 percent of IT leaders say cybersecurity jobs are the most difficult to fill. ^[1]
• The cybersecurity unemployment rate is 0% and is projected to remain there through 2021. ^[1]
• By 2021, 100% of large companies globally will have a CISO position. ^[1]
• Information Security Analysts job positions in the US are expected to grow 31% from 2019–29. ^[1]
• Computer Network Architect job positions in the US are expected to grow 5% from 2019–29. ^[1]
• Computer Programmer job positions in the US are expected to decline 9% from 2019–29. ^[1]
• As data breaches become more sophisticated and more prevalent, a reported 68% of business leaders feel their cybersecurity risks are increasing. ^[8]
• 52%of breaches featured hacking, 28% involved malware and 32–33% included phishing or social engineering, respectively. ^[8]
• 24%of breaches are caused by human error. ^[8]
• 53%of companies had over 1,000 sensitive files open to every employee. ^[8]
• 43%of breach victims were small businesses. ^[8]
• Supply chain attacks were up78%in 2019. ^[8]
• 83% of enterprise workloads will move to the cloud by the end of this year. ^[8]
• NetSTAR reports that from February to May 2020, there was a significant increase in phishing attacks, with some areas seeing up to 600 percent more than previous phishing incidents. ^[9]
• More than 60 percent of phishing schemes attempt to get people to give up credentials, and nearly 50 percent are looking for personal information. ^[9]
• A total of 5,258 confirmed data breaches occurred in 16 different industries and four world regions, according to the Verizon 2021 Data Breach Investigations Report 86% were financially motivated. ^[10]
• Nearly half (49%). ^[10]
• In 2020, the Internet Crime Complaint Center received over 28,500 complaints related to COVID 19, according to the 2020 FBI Internet Crime Report. ^[10]
• IC3 saw a 69% increase in complaints from 2019, receiving 791,790 complaints total, with losses exceeding $4.1 billion. ^[10]
• According to IC3, the costliest attacks are business email compromise schemes, with 19,369 total complaints and a loss of $1.8 billion. ^[10]
• By September 2020, the average ransom payment peaked at $233,817, according to the 2021 Webroot Brightcloud Threat Report. ^[10]
• The report also found that 86% of malware is unique to a single PC, and phishing spiked by 510% from January to February 2020 alone. ^[10]
• According to the FBI’s IC3, as of 2020 phishing is by far the most common attack performed by cybercriminals. ^[10]
• Not surprisingly with the increase in phishing attacks, email security was ranked as the top IT security project of 2021, according to the Greathorn 2021 Email Security Benchmark Report. ^[10]
• According to the 2021 Imperva Bad Bot Report, bad bot traffic amounted to 25.6% of all website traffic in 2020, up 6.2% from the previous year. ^[10]
• worse, advanced persistent bots accounted for 57.1% of bad bot traffic in 2020. ^[10]
• Telecom and ISPs (45.7%). ^[10]
• This coincides with a drop of over 11% (79.4% to 68%). ^[10]
• This is evident in the Unit 42 Cloud Threat Reportemployees working remotely grew from 20% to 71%. ^[10]
• Enterprises quickly scaled their cloud spend in the third quarter of 2020 with an increase of 28% from the same quarter in 2019. ^[10]
• Increased by 188% overall Grew by 402% in retail Grew by 230% in manufacturing Grew by 205% in government. ^[10]
• The average application has 118 libraries, butthe pandemic increased online giving by 20.7%. ^[10]
• Akamai also reports the number of customers targeted were up 57% year over year, with numbers increasing to record volume and diversity across regions and geographies. ^[10]
• With 878 cyberattacks in 2020, 18% of which were ransomware, according to the Identity Theft Resource Center. ^[10]
• According to the 2020 CSO Security Priorities Study.increased need for developers, as well as help desk and cybersecurity professionals, according to a study by Robert Half Technology. ^[10]
• This is critical since according to 74% of workers they want to work remotely more frequently following the pandemic, regardless of their business’s hybrid work plans. ^[10]
• IT managers (44%). ^[10]
• For companies that cannot bring in qualified people from the outside, 42% of companies plan to launch upskilling initiatives, said a Korn Ferry study. ^[10]
• Nevertheless, one widely cited stat is ISC2’s finding that more than half (57%). ^[10]
• Korn Ferry found US companies making due to COVID 19 were Conducted remote interviews and onboarding (54%) Shortened the hiring process (42%). ^[10]
• Cyber attacks are more likely to bring down F 35 jets than missiles. ^[4]
• Over 75% of targeted cyberattacks start with an email. ^[4]
• Global cybercrime costs are expected to grow by 15% per year over the next five years, reaching $10.5 trillion annually by 2025. ^[4]
• The first half of 2021 saw a 102% increase in ransomware attacks compared to the beginning of 2020. ^[4]
• 53% of adults agree thatremote work has made it much easier for hackers and cybercriminals to take advantage of people. ^[4]
• Spam was the most popular type of threat leveraging COVID19, with 65.7% of COVID 19 related threats being spam email. ^[4]
• 44% of adults feel more vulnerable to cybercrime than they did before the COVID. ^[4]
• About one in five consumers fell victim to scam in the last year, with 4% clicking a fraudulent COVID19 contacttracing link and another 4% paying a fee to receive COVID19 relief money, and 3% paying to get an illegitimate COVID. ^[4]
• Since COVID 19, the FBI has reported a 300% increase in reported cybercrimes. ^[4]
• The COVID 19 pandemic has been connected to a 238% surge in cyberattacks against banks. ^[4]
• There has been a rise in ransomware campaigns requiring payment in cryptocurrency — a 35% increase from late 2020 to early 2021. ^[4]
• Bitcoin accounts for 98% of cryptocurrency ransomware payments. ^[4]
• 58% of adults are more worried than ever about being a victim of cybercrime. ^[4]
• 13% of consumers use a VPN to protect their online privacy. ^[4]
• 62% of adults admit it’s difficult to determine if the information they see online is from a credible source. ^[4]
• 53% of adults admit they don’t know how to protect themselves from cybercrime. ^[4]
• 63% of consumers are very worried their identity will be stolen. ^[4]
• 38% of consumers have never considered their identity could be stolen. ^[4]
• 78% of consumers are concerned about data privacy. ^[4]
• 63% of consumers are alarmed more than ever about their privacy. ^[4]
• 27% of consumers have stopped using public Wi Fi to protect their online privacy. ^[4]
• 83% of consumers want to do more to protect their privacy, but 47% don’t know. ^[4]
• 46% of Americans would have no idea what to do if their identity was stolen, and 77% wish they had more information on what to do if it were. ^[4]
• 91% of people know the risks of reusingpasswords across their online accounts, but 66% do it anyway. ^[4]
• 41% of people don’t think their accounts are valuable enough to be worth a hacker’s time. ^[4]
• 47% of cybercrime victims lose money as a result of a cybercrime committed. ^[4]
• It’s estimated that global ransomware damage costs will reach $20 billion in 2021. ^[4]
• Tech support frauds amounted to over $146 million, a 171% increase in losses from 2019. ^[4]
• Globally, those who experienced cybercrime in the past year spent an average of 6.7 hours resolving it for an estimated 2.7 billion hours lost in total. ^[4]
• 70% of online fraud is accomplished through mobile platforms. ^[4]
• There has been a 680% increase in fraud transactions originating from mobile apps from 2015 to 2018. ^[4]
• Nearly three quarter of U.S. gamer (73%) ay they would never fall for a gaming cam, with about half (51%). ^[4]
• There was a 30% rise in IoT malware in 2020, a total of 32.4 million worldwide. ^[4]
• Infectedrouters account for 75% of IoT attacks, and connected cameras accounted for 15% of them. ^[4]
• 63% of people find IoT devices “creepy” in the way they collect data about people and their behaviors. ^[4]
• 53% of people distrust IoT devices to protect their privacy and respectfully handle their information. ^[4]
• 28% of people who do not own a smart device will not buy one due to security concerns. ^[4]
• There was a 43% increase in social media fraud attacks in 2018. ^[4]
• 11% of consumers have deleted a social media account to protect their online privacy. ^[4]
• 34% of U.S. adults don’t trust social media companies at all with safeguarding their personal data. ^[4]
• 2020 saw a 40% surge in global ransomware. ^[4]
• The U.S. saw 145.2 million ransomware hits in 2020, a 139% increase over 2019. ^[4]
• On average, only 65% of the encrypted data is restored after ransoms are paid 79. 37% of organizations were hit by ransomware in 2020, a 14% decrease from 2019 when 51% of organizations were hit. ^[4]
• 80. 10% of data breaches involve ransomware. ^[4]
• There was a 39% decrease in malware worldwide in 2020. ^[4]
• Nearly 60% of Americans have reportedly been exposed to fraud schemes, including 26% exposed to email phishing scams. ^[4]
• 36% of data breaches involved phishing. ^[4]
• 50% of data breach incidents involved phishing andsocial engineering. ^[4]
• There was a 67% increase in security breaches between 2014 and 2019. ^[4]
• 90. 85% of data breaches involve a human element. ^[4]
• 86% of adults are unaware of stalkerware or have only heard the name, meaning only 14 percent are familiar with stalkerware or creepware. ^[4]
• Instances of stalkerware increased by 20% from November 2020 to January 2021. ^[4]
• 66% of tech support fraud victims are reportedly over 60 years old, they lost over $116 million to frauds in 2020. ^[4]
• 14% of consumers have detected unauthorized access on an email account. ^[4]
• and .jar, represent around 37% of all malicious file extensions 102. ^[4]
• It’s estimated that there will be a ransomware attack on businesses every 11 seconds in 2021. ^[4]
• 70% of consumers believe businesses aren’t doing enough to secure their personal information. ^[4]
• 68% of business leaders feel their risk of a cyberattack is increasing. ^[4]
• 47% of organizations have had at least one employee download a malicious app. ^[4]
• 57% of all organizations have experienced a mobile phishing incident. ^[4]
• 59% of consumers are likely to avoid companies that suffered from a cyberattack in the past year. ^[4]
• For reference, 88 percent of organizations face spear phishing attempts in a single year — that means many businesses could be targeted by spear phishing attacks every day. ^[4]
• The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. ^[4]
• 43% of cyber attacks target small businesses. ^[5]
• 60% of small businesses that are victims of a cyber attack go out of business within six months. ^[5]
• There was a 424% increase in new small business cyber breaches last year. ^[5]
• 66% of small businesses are concerned or extremely concerned about cyber security risk. ^[5]
• 14% of small businesses rate their ability to mitigate cyber risks and attacks as highly effective. ^[5]
• 66% of small businesses are most concerned about compromising customer data. ^[5]
• 22% of small businesses encrypt their databases. ^[5]
• 63% of confirmed data breaches leverage a weak, default, or stolen password. ^[5]
• The median small business received 94% of its detected malware by email. ^[5]
• 54% of small businesses think they’re too small for a cyber attack. ^[5]
• 25% of small businesses didn’t realize cyber attacks would cost them money. ^[5]
• 83% of small businesses haven’t put cash aside for dealing with a cyber attack. ^[5]
• 54% of small businesses don’t have a plan in place for reacting to cyber attacks. ^[5]
• 65% of small businesses have failed to act following a cyber security incident. ^[5]
• 50% of small and mid sized businesses reported suffering at least one cyber attack in the last year. ^[5]
• 40% of small businesses experienced eight or more hours of downtime due to a cyber breach. ^[5]
• Industry experts say a small business’s cyber security budget should be at least 3% of a company’s total spending. ^[5]
• 91% of small businesses don’t have cyber liability insurance. ^[5]
• Surprisingly enough, 43% of cyber attacks are made against small businesses. ^[5]
• it was a mere 18% just a few years ago. ^[5]
• According to the US National Cyber Security Alliance, 60% of small businesses that suffer a cyber attack go out of business within half a year. ^[5]
• The rate at which cyber attacks against small businesses grew last year is a staggering 424%. ^[5]
• According to a study run by Hiscox, 66% of small businesses are either concerned or extremely concerned about cyber security risk. ^[5]
• Small Business Trends found that a mere 14% of small businesses rate their ability to mitigate cyber risks and attacks as highly effective. ^[5]
• 47% of small businesses have no understanding of how to protect themselves against cyber attacks. ^[5]
• Almost half 47% of small businesses say they have no idea how to protect themselves against cyber attacks. ^[5]
• When permitted two answers, 66% of small business owners chose customer recorders as their biggest worry. ^[5]
• This option was followed up by 49%. ^[5]
• 46% Customer credit or debit card information. ^[5]
• Financial information 8% Employee records 5% Business correspondence 1%. ^[5]
• Additionally, only 22% of small businesses encrypt their databases. ^[5]
• Only 48% of all data security breaches have malintent. ^[5]
• According to Security Intelligence, 63% of confirmed data breaches take advantage of weak, default, or stolen passwords. ^[5]
• Results from a study run by Verizon showed that the median small business got 94% of its detected malware through email. ^[5]
• Within emails, 45% of detected malwares were sent through Office document file to the median small business, while 26% were sent through a Windows App file. ^[5]
• 54% of small businesses think that they’re too small to be targeted by cyber crime, but most of the cyber security stats we’ve highlighted indicate that “too small” isn’t really a consideration for cybercriminals. ^[5]
• According to Insurance Bee, 25% of small businesses didn’t even realize that cyber attacks would cost their business money. ^[5]
• Notably, 83% of small businesses haven’t put cash aside for dealing with a cyber attack. ^[5]
• Insurance Bee reports that 54% of small businesses haven’t taken the time to proactively plan for handling a potential cyber attack. ^[5]
• A study run by Hiscox showed that 65% of small businesses have actually failed to act after a cyber security incident. ^[5]
• [12] Finding and addressing the vulnerability that resulted in a cyber breach is necessary for moving forward and steeling your business against subsequent attacks, but it will likely cost you. ^[5]
• 40% of small and mid sized businesses experienced eight or more hours of downtime due to a cyber breach. ^[5]
• Ninja RMM shares that 40% of polled small and mid sized businesses experienced at least eight hours of their systems being down thanks to a cyber breach. ^[5]
• Black Stratus shares that industry experts advise businesses to invest at least 3% of their total spending into cyber security. ^[5]
• It’s no surprise that less than 10% of small businesses have cyber liability insurance. ^[5]
• Because few small businesses prioritize cyber security measurements, as evidenced by many of the statistics we’ve looked into, that 91% of them don’t have cyber liability insurance doesn’t come as a surprise. ^[5]
• 43 Percent of Cyber Attacks Target Small Business 60% of small companies that suffer a cyber attack are out of business within six months. ^[5]
• According to recent research from IRONSCALES, 81% of organizations around the world have experienced an increase in email phishing attacks since March 2020. ^[11]
• In fact, according to Verizon’s 2021 DBIR, around 25% of all data breaches involve phishing and 85% of data breaches involve a human element. ^[11]
• According to IBM, one in five companies that suffered a malicious data breach in 2021 was infiltrated due to lost or stolen credentials, while 17% were breached via a direct phishing attack. ^[11]
• These include video conferencing platforms (44%), workforce messaging platforms (40%), cloudbased file sharing platforms (40%) and SMS (36%). ^[11]
• The biggest category of phishing, according to a study by APWG, is targeted towards webmail and Softwareasa Service users; these types of attack are responsible for 34.7% of phishing attempts. ^[11]
• The same study reported an increase in the number of BEC attacks sent from free webmail providers, from 61% to a staggering 72%, and found that over half of these attacks used Gmail as their delivery method. ^[11]
• According to the results of Terranova Security’s 2020 Gone Phishing Tournament, almost 20% of all employees are likely to click on phishing email links and, of those, a staggering 67.5% go on to enter their credentials on a phishing website. ^[11]
• That means that 13.4% of employees are likely to submit their password on a fraudulent phishing page. ^[11]
• According to research from KnowBe4, the most common subject lines to real life phishing emails in Q3 of 2021 were as follows. ^[11]
• Speaking of staying in touch, LinkedIn phishing messages make up 47% of social media phishing attempts, making faux LinkedIn messages by far the most common social media phishing subject. ^[11]
• According to Check Point, Microsoft is the most impersonated brand globally when it comes to brand phishing attempts, holding the majority with 43. ^[11]
• Microsoft is followed by DHL (18%), LinkedIn (6%) and Amazon (5%). ^[11]
• A recent study by INKY also found Microsoft to be the most impersonated brand, with Microsoft related phishing emails accounting for almost 70% of brand impersonation phishing attempts in 2020, followed by Zoom, Amazon, Chase Bank and RingCentral. ^[11]
• The same report indicates that brand impersonation incidents are largely associated with brands in the technology sector (71.8%). ^[11]
• Even more shockingly, 21% said that their own employees had been behind the fraud. ^[11]
• The top industries at risk of a phishing attack, according to KnowBe4. ^[11]
• According to IBM, the average cost of a data breach is 4.24 million dollars. ^[11]
• And the majority of that cost is split between detecting and escalating the breach (29%), and lost business cost (38%). ^[11]
• Further to this, IBM found that customers’ personally identifiable information was both the most commonly compromised type of data—involved in 44% of all breaches—and the most costly. ^[11]
• 80% of breached organizations reported a loss of customer PII in 2020, and breaches that suffered PII loss cost on average four dollars more per lost or stolen record than those that hadn’t. ^[11]
• This spike is mirrored by research from Abnormal Security, which reports a huge increase in COVID 19 themed attacks starting in Q1, with the weekly volume of campaigns further increasing by 389% between Q1 and Q2. ^[11]
• Throughout Q3, the number of invoice and payment fraud BEC attacks increased by 81%. ^[11]
• IBM also report an 11% increase in the number of BEC attacks in Q2, as hackers took advantage of unfamiliar remote work scenarios. ^[11]
• As a result of this, 76% of business owners say that they feel more exposed to fraud since the beginning of the pandemic, and 66% say that they’re concerned about being targeted by scammers as we move further into 2021. ^[11]
• Microsoft’s New Future of Work report shows similar results, stating that 80% of security professionals have experienced an increase in security threats since shifting to remote work. ^[11]
• Of this 80%, 62% say that phishing campaigns have increased more than any other type of threat. ^[11]
• Cofense’s study, which analyzed millions of results from their own simulated phishing campaigns, found that 82% of trained employees reported a simulated phish within an hour of receiving it, 52% reported it within 5 minutes, and 19% within 30 seconds. ^[11]
• The success of awareness training is further supported by research from KnowBe4, which found that, after completing one year of phishing awareness training, the average improvement rate across all industries and organization sizes was 87%. ^[11]
• With global cybercrime damages predicted to cost up to $10.5 trillion annually by 2025 , not getting caught in the landslide is a matter of taking in the right information and acting on it quickly. ^[0]
• There were 153 million new malware samples from March 2021 to 2024 , a nearly 5% increase on the previous year which saw 145.8 million. ^[0]
• In 2019,93.6% of malware observed was polymorphic, meaning it has the ability to constantly change its code to evade detection. ^[0]
• Almost 50% of business PCs and 53% of consumer PCs that got infected once were re infected within the same year. ^[0]
• 86.2% of surveyed organizations were affected by a successful cyberattack. ^[0]
• Colombia was the hardest hit country by cyberattacks in 2019, with 93.9% of all surveyed companies being compromised at least once last year. ^[0]
• US ransomware attacks cost an estimated $623.7 million in 2021. ^[0]
• 495 million ransomware attacksoccurred in the first nine months of 2021 representing a 148% increase on the previous year. ^[0]
• In 2020, 92 individual ransomware attacks cost US healthcare organizations an estimated $21 billion. ^[0]
• Ransomware is involved in around 17% of malware security incidents, down from 27% in 2020. ^[0]
• In Q3 2021, the average sits at $139,739 which is up 2.3% over the previous quarter. ^[0]
• Organizations in India, Austria, and the US are most likely to be hit by ransomware attacks. ^[0]
• In India, the prevalence is especially high with 68% of organizations dealing with ransomware. ^[0]
• Austria has the next highest rate at 57%. ^[0]
• Kaspersky saw the number of mobile ransomware Trojans rise from 5,522 in Q3 2020 to 6,157 in Q3 2021, an increase of 11.5%. ^[0]
• Here are some of the key findings 89% of MSPs state that ransomware is the most common threat to SMBs. ^[0]
• 64% reported attacks against clients in the first half of 2019, representing an 8% increase yearon. ^[0]
• However, only 5% report multiple attacks in one day, down from 15% in 2018. ^[0]
• One somewhat alarming disconnect was revealed in the report 90% of MSPs are “very concerned” about the ransomware threat and 24% report their SMB clients feel the same. ^[0]
• Downtime costs increased by 75% yearover. ^[0]
• The vast majority of MSPs (75%). ^[0]
• According to Kaspersky, 14.46 million ransomware attacks were blocked in Q2 2021. ^[0]
• The 2021 CyberEdge Cyberthreat Defense Report revealed that 57% of organizations hit by ransomware pay to get their data unlocked, further fueling cyber criminal activities. ^[0]
• All in all, there was an rise of around 28% year on year, with all but one quarter showing a marked increase. ^[0]
• Cybercriminals are quick to find ways to get around strengthened security;“next gen” supply chain attacks grew 650%in just 12 months. ^[0]
• Malicious documents are also a well known infection vector that hasn’t lost its popularity in its 2018 Annual Cybersecurity Report, Cisco found that, globally,38% of malicious email attachments were Microsoft Office formatssuch as Word, PowerPoint, and Excel. ^[0]
• and .jar,represent around 37% of all malicious file extensionsCisco observed,. ^[0]
• 82% of cloud users have experienced security eventscaused by confusion over who is responsible to secure the implementations. ^[0]
• 35% of companiesin a global survey were targeted by anSSL or TLS. ^[0]
• Indeed,fileless attacks were used in 77% of successful compromisesin 2018 and increased in prevalence by a huge 265% in Q1 2019. ^[0]
• In 2019,polymorphic malwareaccounted foralmost 94% of all malicious executables. ^[0]
• Physical attacks are also on the rise, as cybercrime statistics show 27% of cybersecurity incidents in 2020 started or finished with a physical action. ^[0]
• A physical attack was the main method in 54% of all data breaches. ^[0]
• % of employees said they behaved in waysor adopted practices that may risk physical security. ^[0]
• In Europe,Black box ATM attacks increased by 269%in the first half of 2020 compared to H1. ^[0]
• However, losses fell 37% to €0.63 million in the six months of 2021. ^[0]
• This followed a 10% increase in DDoS attacks from Q4 2019 to Q4 2020. ^[0]
• 71% of organizations have experienced an extortion or ransom DDoS threat. ^[0]
• The 1H 2021 report found that the number of multi vector attacks increased 116% from 2019 to 2020 and a further 10% from 2020 to 2021. ^[0]
• The duration of attacks increased to around 50 minutes in 1H 2021, an increase of 31%, with Netscout noting the growth of complex, multivector attacks. ^[0]
• The distribution of attacks by country sees the US having the lion’s share (43.5% in Q4 2021). ^[0]
• More than 30% of phishing attacks involve keyloggers. ^[0]
• Webmail and SaaS users are now the most common targets of phishing attacks at 29.1% (up from 8.1% in Q2 2021). ^[0]
• Financial institutions are now the second largest demographic, accounting for 17.8%. ^[0]
• 74% of phishing sites used HTTPS in the last quarter of 2019, compared to just 32% two years earlier. ^[0]
• Almost 43% of malicious attachments in 2019 were Microsoft Office documents. ^[0]
• More than 95% of malware distributing emailsrequire human action such as following links or accepting security warnings. ^[0]
• However, according to ENISA,the word “payment” is used in 32.5% of all attack email subjects. ^[0]
• Monday is the most popular day to send out phishing messages with 30% of emails being delivered on that day. ^[0]
• The most frequently impersonated brands areDHL (23% of the time) and Microsoft (20% of the time). ^[0]
• In 2021, the average portion of spam in mail traffic was 45.56%. ^[0]
• The figure fluctuated throughout the year reaching a peak of 48.03% in the month of June. ^[0]
• malicious emails are Spain (9.32%), Russia (6.33%), and Italy (5.78%). ^[0]
• Russia and Germany are the top spam source countries, generating 24.77% and 14.12% of spam respectively. ^[0]
• 65.7% of COVID 19 related threats were spam email while 26.8% were malware. ^[0]
• 70% of online fraud is accomplished through mobile platforms. ^[0]
• Additionally, there has been a680% increase in the number of fraud transactionsoriginating from mobile apps. ^[0]
• The top category for malicious apps is Games (21%), Tools and Personalization (20%), and Entertainment and Lifestyle (17%). ^[0]
• “A Pandemic on Mobile” Secure D identified almost 45,000+ malicious apps in 2020, with 23% available via Google Play. ^[0]
• Secure D had to block over a billion transactions (a shocking 93% of total transactions). ^[0]
• In corporate contexts, decision makers are aware of the issue60%of. ^[0]
• Almost 50% of organizations are “very confident” that they’d be able to quickly spot a compromised mobile device. ^[0]
• In spite of these realizations,76% of companies said they had been pressured to sacrifice mobile securityto “get the job done” in 2021. ^[0]
• Consequences are inevitable More than 90% of surveyed organizationssuffered a compromise involving a mobile devicein 2020 labelled the impact “moderate” or worse. ^[0]
• Around 70% of compromised companiesdescribed the incident as “major”. ^[0]
• Mobile banking malware saw a surge in the first half of 2019, increasing by 50%. ^[0]
• “Themost popular banking malwareduring 2019 was Asacub(44.4%), Svpeng (22.4%), Agent (19.1%), Faketoken (12%) andHqwar (3.8%). ^[0]
• In North America, the Q1 2020 encounter rate of enterprise mobile phishing was 24.71%, a 331% increase. ^[0]
• A significant portion (11.9%). ^[0]
• In 2019, almost 90% of web applications were vulnerableto exploits. ^[0]
• On the plus side, the severity of vulnerabilities seems to be declining as the portion of websites with high risk vulnerabilities decreased by 17% in 2019 compared to 2018. ^[0]
• Patch management is the most commonlyused security management technology of the year, with 56.7% of companies using it and 29.1% planning to adopt it soon. ^[0]
• Reports show that security vulnerabilities in web apps continue to be a huge problem,with 32% of internet facing web applications considered high or critical risk. ^[0]
• 60% of states are reviewing code and conducting application security testing in 2020. ^[0]
• This is a 6% increase over 2019. ^[0]
• 69% of enterprises have networks that aremade up of more IoT devices than computers. ^[0]
• 84% of security professionals think that computers are less vulnerable than IoT devices. ^[0]
• Security incidents involving IoT devices have impacted 67% of enterprises. ^[0]
• Only around 21% of security professionals think their current security controls are adequate. ^[0]
• Security is a primary concern for IoT developerswith 46% making it a top priority (up from 39% in 2020). ^[0]
• Routers and connected cameras were the most infected devices and accounted for 75 and 15 percent of the attacks respectively. ^[0]
• The most widely used techniques in IoT security are communication security (43%) and data encryption (27%). ^[0]
• thatIoT security spendingis growing at a Compound Annual Growth Rate of 44% and will reachalmost $4.4 billion by 2024. ^[0]
• As we’ve seen, default passwords are the core attack tactic, sothe biggest IoT security issuesthat need to be solved areauthentication/authorization(32%), followed byaccess control(15%)anddata encryption(14%). ^[0]
• 2017 2024 57% of IoT devicesmay be vulnerable to attack. ^[0]
• Only 4% of developers believe there is no room for improvement in their IoT security practices.25% believe a total overhaulis needed. ^[0]
• 96% of Baby Boomers are distrustful of social mediawhen. ^[0]
• it comes to protecting their data, followed by94% of Gen Xers,93% of Gen Z, and92% of Millennials. ^[0]
• An overwhelming majority of all users The Blinding Effect of Security Hubris on Data Privacy by Malwarebytes Facebook related crime grew 19%in. ^[0]
• % feel it’s unethical for social media platforms to tailor newsfeeds. ^[0]
• 67% of UKconsumersbelieve recommendations based on purchase/browsing history are unethical. ^[0]
• Speaking of newsfeeds, did you know that around30 40% of social media infections come from infected ads?. ^[0]
• Cybercriminals are also leveraging social media to promote their hacking services around30 40% of the social media platforms. ^[0]
• No wonder34% of US adults don’t trust social media companies at allwith safeguarding their personal data. ^[0]
• 60% of those were on Facebook. ^[0]
• At least 20% of social media infections stem from add ons or pluginsfor social media platforms. ^[0]
• Social media phishing is on the risewith social channels accounting for 8% of attacks. ^[0]
• 56% of companies in the US have dealt with a data breach. ^[0]
• 41% of US companies have been hit with a breach within the past year. ^[0]
• This is down 38% over 2020’s figure. ^[0]
• There were far fewer individuals impacted by data breaches in 2021 than in 2019 with numbers down by 66% to under 300 million. ^[0]
• In total, these affected almost 188 million individuals, up 10% on the 170 million individuals in 2020. ^[0]
• Phishing was the most common type of cyber attack causing breaches, accounting for 33% of compromises. ^[0]
• This is in agreement with the Verizon report that tells usalmost 40% involved social engineering attacks, with phishing, pretexting, and bribery as the most common malicious actions. ^[0]
• The use of stolen credentials was involved in more than 20% of breaches. ^[0]
• Ransomware was another common attack type, involved in 22% of breaches that had a cyber attack as their root cause. ^[0]
• The top hacking vector in breaches was web applications, involved in around 90% of hacking breaches. ^[0]
• Over 70% of breaches were financially motivated. ^[0]
• This sounds like a lot, but it’s actually down from 86% the previous year. ^[0]
• The most affected industries by breaches targeting payment card data are retail (24%) and finance and insurance (18%). ^[0]
• Small businesses are much more likely to be targeted,accounting for over 50% of all breaches. ^[0]
• This is an almost 100% increase from last year, when they were the victims just 28% of the time Public organizations suffer the highest rate of data breaches, with healthcare and finance in second and third. ^[0]
• It’s expected that healthcare breaches will increase by 10–15% over the next year. ^[0]
• 70% of cloud infrastructures were breached in a 12. ^[0]
• 70% of data breaches expose emails. ^[0]
• The top actors are part of organized crime, responsible for around 80% of breaches. ^[0]
• Nationstate or state affiliated actors, system admins, and end users are other key players, but are each only responsible for around 5% of breaches. ^[0]
• 67% of costs related to data breaches are incurred in the first year following a breach, but 22% are realized in the second year and 11% in the third. ^[0]
• It takes months or longer to discover 40% of breaches. ^[0]
• Almost three quarters (72%). ^[0]
• 39% of organizations report that they don’t think they would detect a file. ^[0]
• Only 7% of security leaders can quantify the financial impact of breaches. ^[0]
• 50% of organizations only spend 6–15% of their security fundson securing data. ^[0]
• Having an incident response team at the ready can reduce the average cost of a breach by $2.46 million, a difference of 54.9%. ^[0]
• Cybersecurity teams join the planning stage of 36% of business initiatives. ^[0]
• On average,stocks immediately experience a drop of 0.43%in share price following a breach. ^[0]
• We observed a 45.6% increase in share prices during the three years prior to breach, and only a 14.8% growth in the three years following the compromise. ^[0]
• Breached companies recover to NASDAQ’s pre breach performance level after 38 days on average, but three years after the breach they still underperform the index by a margin of over 40%. ^[0]
• 55% of people are worried about criminalsaccessing their data. ^[0]
• 92% of people know the risks of reusing passwords across their online accounts, which inherently leads to a higher risk of password theft and credential misuse. ^[0]
• Despite this, 65% do it anyway. ^[0]
• 66% of surveyed users said they simply skim through or do not read end user license agreements or other consent forms. ^[0]
• Only 47% know which permissions their apps have. ^[0]
• 78% of people in the UK are most concerned about identity theft resulting in financial loss. ^[0]
• 96% of people polled for a study. ^[0]
• 75% of consumers now limit the amount of personal information they share online. ^[0]
• internationally, 36% of people surveyed by RSA said their personal information was compromised in a data breach over the last 5 years, and 45% of US respondents confirmed the same. ^[0]
• What’s more, 58% of U.S. respondents said they’dconsider divesting from companies that disregardprotecting their data. ^[0]
• But there’s good news as well a little over 53% of people now usepassword managers. ^[0]
• Under the EU GDPR, companies can be fined up to €20 million or 4% of their annual turnover, whichever is higher. ^[0]
• France’s CNIL received 30% more complaints in the first year of the GDPR than in the previous year. ^[0]
• We are starting to see a trend ofinitially large fines being reducedafter legal action such as a 90% reduction on a British Airways fine and an 80% reduction on a fine against Marriott. ^[0]
• Awareness of the GDPR is fairly high with over twothirds (69%). ^[0]
• Men are slightly more aware (71%) than women (67%). ^[0]
• Poland has the highest rate of GDPR awareness at 95% 71% of people are aware of their respective data protection authoritywith those in the Czech Republic being the most aware (90%). ^[0]
• 60% of people in the EU 27 know that they may access personal data held by public administrations but only 51% are aware the same applies to private companies. ^[0]
• The big picture view is that up to 1% of the world’s. ^[0]
• GDP is now being lost to cybercrime, according to McAfee The Hidden Costs of Cybercrime 2020. ^[0]
• What’s more, the cost of cybercrime to the global economy has increased more than 50% in two years. ^[0]
• Since 2018, we estimated that the cost of global cybercrime reached over $1 trillion. ^[0]
• We estimated the monetary loss from cybercrime at approximately $945 billion. ^[0]
• Here’s what the studies reveal about money laundering alone The United Nations Office on Drugs and Crime estimates that 2–5% of global GDP is laundered each year. ^[0]
• The Hidden Costs of Cybercrime 2020) 68%. ^[0]
• The Hidden Costs of Cybercrime 2020) 26% of companies reported brand damage as a result of a cyberattack. ^[0]
• The average payout of successful cyber insurance claims (only 28.4% are successful). ^[0]
• 91% of companies say a DDoS attack cost their business up to $50,000. ^[0]
• The US Internet Crime Complaint Center breaks down complaints and costs according to age group, state, and type of crime. ^[0]
• The losses incurred by over 60s according to 105,301 complaints to the Internet Crime Complaint Center. ^[0]
• However, only 44% of companies have both a prevention and response plan for IT security incidents. ^[0]
• Here are some more interesting spending statistics to digest 47% of organizations planned to spend more on cybersecurity in 2021. ^[0]
• There were 1,483 cybersecurity companies in the UK in 2020, representing a 21% growth over 2019. ^[0]
• Over 30% of executives said the actions required to remediate security incidents were “difficult and expensive.”. ^[0]
• Cybersecurity spending is defensive instead of innovative with 77% spent on risk and compliance instead of opportunity. ^[0]
• 42% say risk reduction is the primary driver and 18% cite compliance or regulatory requirement as the key determinant. ^[0]
• Spending on new initiatives comprises only 5% or less of the average cybersecurity budget. ^[0]
• Only about 19% of organizations say that they consider cybersecurity when planning new initiatives. ^[0]
• 53% of businesses spend more than half their cybersecurity budget on operations. ^[0]
• 43% spend less than a quarter of their cybersecurity budgets on long term investment and capital projects. ^[0]
• The effectiveness of cybersecurity spending is in question Only 9% of organizations believe their cybersecurity measures protect the business from major attacks — a significant decline from the already low figure of 20% from 2020. ^[0]
• 60% of organizations “cannot quantify the effectiveness of their cybersecurity spending to their boards.”. ^[0]
• 28% of cybersecurity budgets are spent on Security Operations Center but only 26% of identified their respective company’s most significant breach. ^[0]
• Only 19% of budget is currently going towards architecture and engineering. ^[0]
• A Deloitte survey has some slightly different figures for us Companies spent more on cybersecurity in 2020 than in 2019 (0.48% of overall revenue versus 0.34% in 2019). ^[0]
• Organizations are spending 10.9% of their IT budget on cybersecurity compared to 10.1% in 2019. ^[0]
• Deloitte breaks down cybersecurity spending as a percentage of IT spending across industry sectors in 2020 Retail/corporate banking 9.4% Consumer/financial services 10.5% Insurance 11.9% Service provider 7.2% Financial utility 8.2%. ^[0]
• Overall security strategy (95%) and review of current threats and security risks (88%). ^[0]
• Global cybersecurity spending could feasibly increase 10% in the next year. ^[0]
• 6.6% is a worst. ^[0]
• The report breaks down forecasts by solution type, with the following worst and best case growth rates Web and email security 8.8–12.5% growth Vulnerability and security analytics 7.5–11.0% growth. ^[0]
• 6.2–10.4% Identity access management 8.1–10.4% Network security 4.2–8.0% Data security 4.2–6.6% PwC’s Global Economic Crime and Fraud Survey. ^[0]
• Companies that operated a fraud prevention program ended up spending 17% less on remediation and 42% less on responses compared to companies that didn’t have those programs in place. ^[0]
• Companies that had a bribery and corruption program had 58% lower costs when dealing with a related incident than companies without a program. ^[0]
• Human resource limitations over 50% of organizations are “re training existing IT staff to tackle cloud security challenges”. ^[0]
• 85% of companies are interested in replacing passwords with new forms of authentication. ^[0]
• “53% are using machine learning for cybersecurity purposes.”. ^[0]
• 71% of SMBs and enterprises intend to increase IT investment over the next two years. ^[0]
• IT security accounted for 26% of overall IT budgets for SMBs in 2020 compared to 23% in 2019. ^[0]
• For enterprises, Kaspersky found that the figure was 29%. ^[0]
• SMBs increasing their budget cite more complex IT infrastructure (43%), the need to improve security expertise (39%), and a desire to improve defenses (34%). ^[0]
• 9% of SMBs intend to decrease IT security budgets in the next three years. ^[0]
• 32% of senior management don’t see why companies should be investing so much in the future, which threatens to drive down IT security spending. ^[0]
• 29% of SMBs are lowering overall expenses to optimize budgets, another reason IT security spending could be reduced. ^[0]
• 68 percent of respondents whose organizations experienced more cyberattacks in the past year report being somewhat or significantly understaffed. ^[0]
• 39% of companiesmention thatless than 2% of their total IT staffwork in cybersecurity. ^[0]
• 87% of organizations are challenged by IT security skills shortage, up from 85% in 2020. ^[0]
• 21% of organizations use third party firmsoccasionally for information security projects . ^[0]
• 59%of organizations declare thatit’s too expensive to outsource cybersecurityto specialized companies. ^[0]
• 51%of organizations believe theyneed new or improved security policiesto enhance the effectiveness of their security teams. ^[0]
• The mentions that Colombia was hardest hit of all countries in 2020, with 93.9% of respondents reporting successful attacks. ^[0]
• The same report notes a 36% decrease in the number of incidents in Europe but a simultaneous 28% increase in the volume of records breached, “with UK organizations being the most affected in Europe”. ^[0]
• In terms of attack geography, “the US (45,87%), Netherlands (25,74%), Germany (5,33%) and France (4,92%). ^[0]
• Just 27% of surveyed Germans used password managers, with 78% of respondents worried that an attacker could access all of their passwords in one go. ^[0]
• While the majority of all emails received by federal networks were spam, phishing, or malware related (76%). ^[0]
• In another sign that padlock icon in your URL bar can no longer be relied upon as an indicator of a “safe” website, the majority (77%). ^[0]
• There’s some good news coming from Australia 100% of surveyed decisions makers confirmed they have some level of influence over choices made for the company’s cybersecurity program, up from 97% in 2018. ^[0]
• Australian business prioritizes security solutions such as operational technology (65%), CCTV and external video sources (61%), biometric and physical access systems (58%), and BAS, uninterruptible power supply and alarming systems (56%). ^[0]
• Their caution is justified because 65% of Australian businesses had their business interrupted by a security breach in the past year. ^[0]
• In the APAC region, companies are interested in user and entity behavior analytics (57%) and in threat intelligence platforms (56%). ^[0]
• In Europe, DevOps for security (55%) and security for IoT (also 55%). ^[0]
• The Global Risks Report 2020 from the World Economic Forum provides a detailed outlook of how things look for individual users 75% of consumers expect cyberattacksinvolving the theft of money or data to increase. ^[0]
• 76% of individual users cite worrying aboutlosing their privacy to companiesas a main concern. ^[0]
• 76% of consumers dread the loss of privacy to governmentsover the course of this year. ^[0]
• Gartner predicts that organizations which isolate or segment their IoT devices will experience 25% fewer successful cyberattacks by 2024. ^[0]
• Inc. 3 – $15 billion in cyber security fundingAccording to the 2019 President’s Budget released by the White House, the U.S. government plans to spend on cybersecurity related activities this year — a 4.1% increase over the 2018 budget. ^[2]
• productsThe average amount small businesses spend on consumer grade cyber security products each year, according toJuniper Research’s 2018 study. ^[2]
• 6 – Women anticipated to make up 20% of the cybersecurity workforceCybersecurity Ventures. ^[2]
• estimates that women will represent 20% of the global cybersecurity workforce by the end of the year, according to a companypress release. ^[2]
• 7 – 20% of s anticipated to be women in 2019Women are anticipated to hold 20% of Chief Information Security Officer roles in the cybersecurity workforce by the end of the year, according to Forrester’sCyber Predictions for 2019. ^[2]
• This number is up from 13% in 2017. ^[2]
• 8 – 49.6 day period between breach discovery and reporting datesThe number of days between when a data breach was discovered and reported was nearly 50 days in 2018, according to areport from security intelligence vendor. ^[2]
• 70% of cryptocurrency transactions for illegal activityThe percentage of all cryptocurrency transactions predicted to be used for illicit activity is anticipated to be 70% by 2021, according to theCybersecurity Almanac 2019 by Cybersecurity Ventures. ^[2]
• >11%The percentage by which security breaches have increased over the past year, according to theNinth Annual Cost of Cybercrime global study by Accenture. ^[2]
• 11 – Security breaches increased by 67%Over the past five years, security breaches have increased by 67%, according to Accenture’s global survey. ^[2]
• 12 – SMBs are targeted 43% of the timeSCORE reports that 43% of cyber attacks target small businesses. ^[2]
• This number, which is up from the company’s 15 – Ransomware damage estimated to reach $20 billion globallyThe Cybersecurity Ventures annual crime report indicates that the same costs will reach$11.5 billion annually this year and $20 billion per year by 2021. ^[2]
• 16 – Cybercrime costs organizations $13 million per yearThe average cost of cybercrime for an organization is estimated to be $13 million per year, according to Accenture’s global study. ^[2]
• – 12 Breaches Results in +100 million exposed sensitive recordsAll it took was 12 data breaches to expose 100 million sensitive records in 2018, according to RBS’s report. ^[2]
• 20 – 60% of Americans exposed to fraud schemesSixty percent of Americans report they or an immediate family member have been victims of a scheme to defraud, according toresearch from The Harris Poll and the American Institute of CPAs. ^[2]
• – 23% of Americans are cybercrime victimsNearly. ^[2]
• one quarter of surveyed Americans reported they or someone they know were victimized by cybercrime in 2018, according to Gallup’sannual crime survey. ^[2]
• 22 – 31% of security professionals organizations victims of OT cyber attacksEarly. ^[2]
• 23 – Reported cybercrime victims only 1012% of totalDonna Gregory, unit chief at the FBI’s Internet Crime Complaint Center , estimated that only 10 12% of all U.S. cybercrime victims were reported in 2016, according to aNew York Times article. ^[2]
• 24 – 76% of organizations and businesses were phishing targetsThe number of organizations that were targeted by phishing attempts in 2017, according to Wombat Security’sState of the Phish 2018 report. ^[2]
• The report also indicates that 58% of the companies they surveyed have more than 100,000 folders accessible to all employees. ^[2]
• 28 – 41% of companies allow all employees access to > 1,000 sensitive files. ^[2]
• Varonis’s report indicates that 41% of the companies they surveyed have more than 1,000 sensitive files open to all employees. ^[2]
• 31 – 38.4% of mining industry users receive malicious emailsAccording to Symantec’sInternet Security Threat Report 2019 report, 38.4% of users in the mining industry were targeted with malicious emails. ^[2]
• 32 – 1 in 302 emails targeting public administration users are maliciousEmail users working in the public administration sector receive one malicious email for every 302 emails they receive, according to Symantec’s ISTR 2019 report. ^[2]
• 33 – >20 ATM malware families now existAccording to Kaspersky Lab, there are now more than20. ^[2]
• Facebook users were publicly exposed in two app datasets that were digitally stored in two Amazon Simple Storage Service storage buckets, according to a 2019 announcement byUpGuard. ^[2]
• 40 – 30 million users exposed in 2018 Facebook data breachIn 2018, 30 million Facebook users were affected by another data breach, according toConsumer Reports. ^[2]
• (Juniper Research estimates that the U.S. companies and organizationswill be the targets of more than 50% of all cyber attacks by 2024.). ^[2]
• 41 – 20.4 billionThe anticipated number of Internet of Things devices that will exist by 2020, according to apress release from Gartner,. ^[2]
• Inc. 42 – Routers account for 75% of infected devices in IoT attacksRouters. ^[2]
• accounted for 75% of IoT attacks in 2018, and connected cameras accounted for 15% of them. ^[2]
• 45 – IoT devices typically attacked within 5 minutesFive minutes is the amount of time it takes for an IoT device to be attacked once plugged into the Internet, according to a report from NETSCOUT. ^[2]
• – China accounted for more than 50% of DDoS attacks in Q4. ^[2]
• 2018The percentage of distributed denial of service attacks that originated in China in Q4 2018 fell to 50.43% from 77.67%, according to Kaspersky’sDDoS Q4 Report. ^[2]
• The United States came in second with nearly 25% and Australia in third with 4.5%. ^[2]
• 47 – $20 price tag for DDoS attacksThe low cost per target to purchase a DDoS attack ranging from 290 to 300 gigabits per second, according to an ARS Technicaarticle. ^[2]
• According to an article bySecurity Magazine, one in 50 emails contain some form of malicious content. ^[2]
• Digital Trends estimates that 10% of all malicious emails contain malware such as ransomware, spyware, adware, or trojans. ^[2]
• 50 – Office files constitute 48% of malicious email attachmentsForty eight percent of malicious email attachments were Microsoft iOffice files in 2018, according to Symantec’s ISTR 2019 report. ^[2]
• Doc” or “.dot” files represented37% of malicious email attachments. ^[2]
• 51 – Mobile ransomware jumped 33% last yearIn 2018, the prevalence of mobile ransomware increased by 33%, according to Symantec’s ISTR 2019 report. ^[2]
• 52 – Enterprise ransomware increased 12%in 2018Last year, enterprise ransomware increased 12%, according to Symantec’s ISTR 2019 report. ^[2]
• 53 – Scripts represent 47.5% of malicious email attachmentsNearly 48% of malicious email attachments are scripts, according to Symantec’s ISTR 2019 report. ^[2]
• 54 – 95% of HTTPS servers vulnerable to MitMAccording to Netcraft,MitM attacks were thought to pose a threat to 95% of HTTPS servers in 2016. ^[2]
• 55 – MitM attacks were involved in 35% of exploitationsMore than onethird of exploitation of inadvertent weaknesses involved MitM attacks, according to IBM’sX Force Threat Intelligence Index 2018. ^[2]
• 56 – 10% of companies implement Only 10% of companies have implemented HTTP Strict Transport Security for websites, according toresearch from W3Techs. ^[2]
• Cofense, formerly PhishMe, reports that 91% of cyber attacks start with a spear. ^[2]
• – U.S. target of 86% phishing attacksPhish Labs reports that 86% of phishing attacks targeted U.S. victims. ^[2]
• 60 – 83% of infosec professionals experienced phishing attacks in 2018 Eighty three percent of global information security respondents experienced phishing attacks in 2018, according to ProofPoint’sState of the Phish 2019 Report. ^[2]
• 98 and 93% of social incidents and breachesVerizon’s2018 Data Breach Incident Report states that “phishing and pretexting represent 98% of social incidents and 93% of breaches.”. ^[2]
• 64 – Formjacking compromised4,818 websites monthly in 2018The average number of websites compromised by formjacking code each month in 2018 was 4,818, according to Symantec’s ISTR 2019 report. ^[2]
• 67 – 75% of LAN penetration due to web application. ^[2]
• weaknessesThree quarters of network penetration vectors resulted from poor web application security protections, according to a2019 report on vulnerabilities in corporate information systems by Positive Technologies. ^[2]
• 68 – Only 2% of IT budget is used for securityZDNet reports that only 2% of companies’ IT expenditure last year was used on security measures. ^[2]
• 69 – 70% of employees don’t understand cybersecurityThe percentage of U.S. employees wholack a basic understanding of cybersecurity best practices is estimated to be 70%. ^[2]
• 70 – 32% of U.S. companies failed to properly implement SSL/TLS HighTech Bridge reports that 32% of U.S. companies (16% of European companies). ^[2]
• 75 – 68% of business don’t have cyber security insuranceMore than. ^[2]
• twothirds of businesses neglect to purchasecyber liability or data breach insurance coverage, according to a Cisco’s 2018 Cyber Security and Insurance paper. ^[2]
• 76 – 68% don’t have a disaster recovery plan in placeMore than two thirds of small business owners lack a disaster recovery plan, according to astudy by Nationwide. ^[2]
• The company also reports that 71% of small business owners do not purchase business interruption insurance. ^[2]
• 78 – 73% of companies have minimum cyber security requirements for vendorsThe percentage of organizations that now require third party vendors to meet minimum cyber security requirements, according to a BDO USA’s2018 cyber governance survey. ^[2]
• users receive phishing trainingWe’re happy to share that 95% of survey respondents report training employees. ^[2]
• 8,678,838 of these messages were identified as Spam by our filters , and 160,541 as Marketing. ^[12]
• According to APWG’s Phishing Activity Trends Report for Q3 2021 phishing attacks have remained steady but high in 2021. ^[13]
• Compare this with the beginning of 2019, when almost 74 percent of phishing attacks involved credential phishing. ^[13]
• Phishing Review the company reported that “93% of modern breaches involve a phishing attack”. ^[13]
• Symanetc’s Internet Security Threat Report 2019 shows spearphishing emails are used by almost two thirds of all known groups carrying out targeted cyber attacks. ^[13]
• The report also tells us that 96 percent of targeted attacks are carried out for the purpose of intelligence gathering. ^[13]
• However, in its 2021 report, Cofense is quick to remind consumers that .com domains still account for 50 percent of credential phishing attacks. ^[13]
• There’s been a marked change with Software as a Service and webmail attacks rising from just 8.7 percent of all attacks in Q2 2021 to 29.1 percent of all attacks in Q3. ^[13]
• The next biggest targets are financial institutions and payment providers which accounted for 24.9 percent of attacks combined. ^[13]
• However, according to Proofpoint’s 2021 State of the Phish, nearly three quarters of US organizations “experienced a successful phishing attack last year.”. ^[13]
• This was a 9 percent increase on 2020 and remained higher than the 2021 global average which stood at 57 percent. ^[13]
• 2020 Data Breach Investigation Report found that phishing is one of the top threat action varieties in data breaches, with 22 percent of data breaches involving phishing. ^[13]
• In its 2021 report, the prevalence of social engineering attacks, including phishing, continued on an upward trend accounting for around 30% of attacks. ^[13]
• Out of four age groups, baby boomers were most likely to recognize the terms “phishing” and “ransomware.”. ^[13]
• In its October 2021 report, McAfee Labs reports that of all the cloud threats it analyzes, spam showed the highest increase of reported incidents – up by 250% from Q1 to Q2 of 2021. ^[13]
• 90 percent of the phishing attacks reported to Cofense are discovered in an environment that uses an SEG. ^[13]
• These account for around 35% and 30% of threats respectively. ^[13]
• PDF files came in third; accounting for around 20% of the extensions that reach users in SEG. ^[13]
• Despite this, according to Cofense, around 12 percent of malicious attachments exploit this vulnerability. ^[13]
• However, as users catch up and patch the CVE2017 11882 vulnerability, we will likely see associated attacks diminish. ^[13]
• As reported by APWG, a whopping 84 percent of phishing sites examined in Q4 of 2020 used SSL. ^[13]
• This continues the long running trend of increasing around 3% every quarter. ^[13]
• In BEC attacks, in particular, 60 percent of attackers requested they be paid in gift cards in Q4 2020. ^[13]
• This is a decrease of 11 percent over the previous quarter. ^[13]
• Other popular forms of payment are direct bank transfer and payroll diversion. ^[13]
• Interestingly, payroll diversion is much more common now than last quarter (when it accounted for 6%). ^[13]
• According to Kaspersky, we can expect to see other nations employ any trick they can to steal COVID. ^[13]
• Cofense predicts that 2024 will see new emerging delivery methods for TrickBot with companies likely to be increasingly targeted by campaigns using LNK and CHM downloaders. ^[13]
• Unfortunately, as a 2018 data analysis from Third Way shows, “less than 1% of malicious cyber incidents see an enforcement action taken against cybercriminals.”. ^[14]
• In other words, bad guys are getting away with essentially 99% of their nefarious activities without law enforcement doing anything in response to it. ^[14]
• This is up 10% from the $3.86 million reported in the previous year’s report. ^[14]
• The report, which is based on a study of 6,803 insider related incidents and was carried out by the Ponemon Institute, indicates that these events involved one of the following 56% involved negligence. ^[14]
• 26% involved a criminal insider 18% involved user credential theft. ^[14]
• Trade secrets and intellectual property theft come in swinging with estimated revenues topping $500 million. ^[14]
• In 2021 alone, GDPR fines reached a staggering €1,065,071,470, according to Atlas VPN’s research team!. ^[14]
• Amazon received a €746 million fine in response to GDPR privacy violations, according to the company’s June 30, 2021 SEC filing. ^[14]
• According to RiskIQ, which was acquired by Microsoft in 2021, the average cybersecurity incident costs an average of $1,797,945 per minute!. ^[14]
• Or, putting it another way, that’s the equivalent of $29,965.75 every second, or basically the average cost of buying a used car with current inflation (which has increased 28% since November 2020). ^[14]
• 6 — 36% of Data Breaches Involve Phishing in One Way or Another Verizon’s. ^[14]
• This is basically a 25% increase over the previous year’s dataset. ^[14]
• — Cybercriminals Targeted Web Apps in 80% of Hacking. ^[14]
• — 45% of Fraud Attacks Are Carried Out by Using Your Legitimate Brand as the Scapegoat Just when you thought things couldn’t get any worse, it turns out there’s, apparently, a way to do just that. ^[14]
• According to Check Point Research’s Brand Phishing Report for Q4 2021, the delivery company takes on the mantle of the most commonly impersonated brands, surpassing the title’s usual contender Microsoft. ^[14]
• In the last quarter of the year, DHL was represented in 23% of phishing attacks they studied globally. ^[14]
• The other top five most commonly impersonated brands include Microsoft (20%) WhatsApp (11%) Google (10%) LinkedIn (8%). ^[14]
• 72% of U.S. Businesses Rely on Hardware Security Modules. ^[14]
• Here’s a nice statistic for us here in the United States — Entrust’s 2021 Global Encryption Trends Study data shows that we lead the way in terms of deploying HSMs, followed closely by Denmark (70%). ^[14]
• Compare this to United Kingdom (51%), France (45%), and Mexico (31%). ^[14]
• 12 — 81% U.S. Organizations View HSMs As Key Components of Effective Encryption & Key Management Following up on the last cybercrime statistic, Entrust’s. ^[14]
• Comparatively, 65% of U.K. respondents and 58% of their French counterparts feel the same way. ^[14]
• 13 — 91% of Organizations Want or Are Discussing Implementing PKI Automation Public key infrastructure and digital certificates are integral to data security and integrity. ^[14]
• 14 — 96% of Executives View PKI as “Essential to Zero Trust Architecture”. ^[14]
• However, their survey also shows that a whopping 61% — nearly two thirds of respondents — don’t include zero trust within their zero trust strategies. ^[14]
• 82% of Organizations Say Their IT Security Budgets Have Increased. ^[14]
• Considering that the average organization’s IT security budget still only constitutes 15% of the overall IT budget, it’s not the rate of speed. ^[14]
• 2021 Data Breach Investigations Report shows that 85% of breaches involved the “human element” — meaning that either your employees were targeted or they made a mistake that resulted in a breach. ^[14]
• So, I’m glad to see that KnowBe4’s 2021 State of Privacy and Security Awareness Report shows that 91% of employees within the Finance industry shared that they’d undergone at least one form of related training. ^[14]
• 17 — Breach Costs for Companies Using Strong Encryption Cost $1.25 Million Less on Average IBM’s Cost of a Data Breach 2021 data shows that organizations that relied on no encryption or weak encryption wound up paying an average of 29.4% more per breach. ^[14]
• 19 — 30% of CISOs’ Roles. ^[14]
• CISOs have an often thankless job — if you do 99.9% of things right but have one mistake leads to a breach, that’s the one thing you’ll be remembered for. ^[14]
• 23 — 40% of Companies Use Spreadsheets to Manually Track PKI Digital Certificates. ^[14]

I know you want to use Email Encryption Software, thus we made this list of best Email Encryption Software. We also wrote about how to learn Email Encryption Software and how to install Email Encryption Software. Recently we wrote how to uninstall Email Encryption Software for newbie users. Don’t forgot to check latest Email Encryption statistics of 2024.

Reference

1. comparitech – https://www.comparitech.com/vpn/cybersecurity-cyber-crime-statistics-facts-trends/.
2. varonis – https://www.varonis.com/blog/cybersecurity-statistics.
3. thesslstore – https://www.thesslstore.com/blog/80-eye-opening-cyber-security-statistics-for-2019/.
4. purplesec – https://purplesec.us/resources/cyber-security-statistics/.
5. norton – https://us.norton.com/internetsecurity-emerging-threats-cyberthreat-trends-cybersecurity-threat-review.html.
6. fundera – https://www.fundera.com/resources/small-business-cyber-security-statistics.
7. gatefy – https://gatefy.com/blog/security-statistics-facts-email-main-vector-cyber-threats/.
8. google – https://transparencyreport.google.com/safer-email?hl=en.
9. virtru – https://www.virtru.com/blog/email-security-2/.
10. xaasjournal – https://www.xaasjournal.com/5-email-security-statistics-and-facts-you-need-to-know-to-protect-your-clients/.
11. csoonline – https://www.csoonline.com/article/3634869/top-cybersecurity-statistics-trends-and-facts.html.
12. expertinsights – https://expertinsights.com/insights/50-phishing-stats-you-should-know/.
13. utep – https://www.utep.edu/information-resources/iso/security-awareness/statistics/spam-statistics.html.
14. comparitech – https://www.comparitech.com/blog/vpn-privacy/phishing-statistics-facts/.
15. thesslstore – https://www.thesslstore.com/blog/cyber-crime-statistics/.

How Useful is Email Encryption

One of the primary benefits of email encryption is that it can provide an extra layer of security for sensitive information. By scrambling the content of an email so that only the designated recipient can decipher it, encryption helps protect against unauthorized access to personal and confidential data. This can be especially crucial in industries like healthcare, finance, and legal services, where privacy and confidentiality are of utmost importance.

Moreover, email encryption can also help safeguard businesses from cyber attacks and data breaches. With the rise of phishing scams, ransomware attacks, and other malicious activities, encrypting email communications can make it much harder for cybercriminals to intercept and exploit sensitive data. By using encryption, businesses can better protect their intellectual property, financial information, and customer data from falling into the wrong hands.

Furthermore, email encryption can also help build trust and credibility among clients and customers. By reassuring them that their information is being transmitted securely, businesses can demonstrate a commitment to privacy and security, which can enhance their reputation and relationships with stakeholders. In today’s competitive business landscape, having robust security measures in place, including email encryption, can set companies apart from their competitors and instill confidence in their clients.

On the other hand, some may argue that email encryption may not be foolproof and can sometimes create inconveniences for users. Encrypting emails can make them harder to read, especially for recipients who may not have the necessary encryption keys or software. This can lead to delays in communication and potential misunderstandings, which can be frustrating for both senders and recipients. Additionally, managing encryption keys and ensuring that both parties are using compatible encryption tools can add a layer of complexity to email communication.

Despite these challenges, the benefits of email encryption far outweigh the drawbacks. In an era where cybersecurity threats are ever-present, safeguarding our digital communications is paramount. While no security measure is foolproof, encrypting emails can significantly reduce the risk of data breaches and unauthorized access to sensitive information.

Ultimately, the usefulness of email encryption lies in its ability to protect our privacy, secure our data, and foster trust in our digital communications. By incorporating encryption into our everyday email practices, individuals and businesses can better safeguard their information, strengthen their cybersecurity defenses, and uphold the integrity of their communication channels. As technology evolves and cyber threats continue to evolve, email encryption will remain a critical tool in combating cybercrime and ensuring the privacy and security of our digital interactions.

In Conclusion

Be it Email Encryption benefits statistics, Email Encryption usage statistics, Email Encryption productivity statistics, Email Encryption adoption statistics, Email Encryption roi statistics, Email Encryption market statistics, statistics on use of Email Encryption, Email Encryption analytics statistics, statistics of companies that use Email Encryption, statistics small businesses using Email Encryption, top Email Encryption systems usa statistics, Email Encryption software market statistics, statistics dissatisfied with Email Encryption, statistics of businesses using Email Encryption, Email Encryption key statistics, Email Encryption systems statistics, nonprofit Email Encryption statistics, Email Encryption failure statistics, top Email Encryption statistics, best Email Encryption statistics, Email Encryption statistics small business, Email Encryption statistics 2024, Email Encryption statistics 2021, Email Encryption statistics 2024 you will find all from this page. 🙂

We tried our best to provide all the Email Encryption statistics on this page. Please comment below and share your opinion if we missed any Email Encryption statistics.