8 Frightful Cyber Security Statistics Every User Should Know About
Nov 18, 2019
Organizations of all sizes and across a wide range of industries are under heightened scrutiny when it comes to safeguarding information and client data. Data security and privacy regulations have increased the need for small and medium-sized businesses to invest in information security products and/or outsource security services to managed service providers, in order to remain in compliance and protect their data. Most organization’s lack the skillset and manpower needed to prevent, detect, and respond to cyber risks and data breaches 24×7 leaving them vulnerable to cyber criminals who deploy sophisticated attacks daily. Following National Cyber Security Awareness Month, we felt it was important to highlight some key findings and cyber security statistics from various reports that should raise alarm and provide insight into the cyber breach landscape.
- In 2018 there was a rise in modular attacks with a 350% increase in ransomware, 250% increase in business email compromise (BEC) attacks, and a 70% increase in spear-phishing attacks on companies (AT&T Cybersecurity Shields Down Report).
- Data breaches exposed 2.8 billion consumer records in 2018, costing over $654 billion to U.S. organizations (ForgeRock U.S. Consumer Breach Report 2019).
- Personally identifiable information was the leading type of data breach in 2018, compromising 97% of all breaches (ForgeRock U.S. Consumer Breach Report 2019).
- The top three industries hit the hardest with successful attacks includes Technology (81%), Education (80%), and Retail (79%) (Cyberedge Group 2019 Cyberthreat Defense Report).
- The percentage of victimized organizations that paid associated ransoms rose considerably this year, from 38.7% to 45% (Cyberedge Group 2019 Cyberthreat Defense Report).
- 91% of social media users who were exposed to a scam, engaged with the scammer and 53% of them lost money (BBB Exposed to Scams Report).
- 69% of cyber professionals say their teams are understaffed and 34% of security professionals have a high degree of confidence in their team’s ability to detect and respond to cyber threats (State of Cybersecurity 2019).
- Companies are spending an average of $18.4 million annually on cybersecurity, yet 53% of IT experts admit they don’t know how well the cybersecurity tools they’ve deployed are working (AttackIQ 2019 Ponemon Study).
As a cyber security veteran and Chief Architect of Cybersecurity & GRC at HCL Tsechnologies, Renju Varghese states:
“In spite of the fact that the number of breaches has stabilized, the severity and impact of those breaches has increased immensely. Cybersecurity can suffer from a siloed and static approach. Most teams are missing the attacks that significantly impact organizations because they do not have the size or expertise to keep up with the attackers and their existing security tools and processes are segregated and seldom work in tandem, leaving the teams staring at multiple consoles and drowning in alerts and incidents.”
As malware, social engineering, and phishing continue to be the popular choice of bad actors to deploy attacks on organizations, cyber security awareness and training should be top of mind for IT professionals to communicate strategies of protecting information and data to employees. Investing in cyber security is the first step in protecting your organization’s data, but ensuring you are protecting the right business assets and implementing the right strategies is more important now than ever before.
Secuvant offers solutions to determine where the gaps and weaknesses in your business infrastructure lie, as well as determining what business assets are crucial to protect. Cyber Risk is Business Risk™ and through the Secuvant Cyber7™ Methodology we analyze seven key areas of risk for the business which all cybersecurity findings, gaps, and controls can be applied to. Learn more about how we can help develop a cyber security strategy that prioritizes the most important needs and controls to protect your organization from cyber risks by contacting us at firstname.lastname@example.org or 855-732-8826.