2020 posed a whole variety of unprecedented challenges for companies and individuals alike. In the face of a global pandemic, forest fires, and political unrest, it is easy to forget a major albeit less “tangible” danger: 2020 was a record-breaking year for data lost due to breaches as well as the sheer numbers of cyber-attacks. Here we present the most alarming cybersecurity statistics and also take a look at the challenges and implications for companies in the years to come.
Poor State of Cybersecurity Readiness
Despite all the warnings and high-profile breaches, the state of readiness for most companies when it comes to cybersecurity is abysmal:
- nearly 80% of senior IT employees and security leaders believe their companies lack sufficient protection against cyber-attacks despite increased IT security investments made in 2020
- on average, every employee has access to 11 million files – but only 5% of companies’ folders are properly protected
- just 57% of companies conducted a data security risk assessment in 2020
- more than 77% of organizations do not have an incident response plan
- more than 93% of healthcare organizations reported at least one security breach in the last three years
Cost of Cybersecurity Breaches
Cost of data breaches have been consistently rising in recent years. The new vulnerabilities that emerged from shifting to a remote workforce greatly expanded the opportunities for cyber-attacks and added many weak spots for hackers to exploit. Also, automated attacks by hackers and the ability to convert cryptocurrencies via ransomware have added to the cost of cybercrime.
- as of 2020, the average cost of a data breach was $3.86 million
- the average time to identify and contain a breach in 2020 was a staggering 280 days
- the average cost of downtime is 24 times higher than the average ransom amount
- the healthcare industry lost an estimated $25 billion to ransomware attacks in 2019
- cybercrime is projected to cost the world $10.5 trillion annually by 2025
- on the bright side, having business continuity and disaster recovery solutions (BCDR) in place is a huge asset: 3 out of 4 Managed Services Providers stated that clients with BCDR solutions recovered from an attack within 24 hours
More, and More Harmful Cyber-Attacks
Besides the numbers of attacks having grown significantly over the past few years, the sophistication of those threats has also increased dramatically. This is due to the application of emerging technologies such as machine learning / AI, as well as the greater tactical cooperation among hacker groups and state actors.
Types of Cyber Threats: Malware, Phishing, Ransomware
Phishing still ranks as the “go to” by most hackers because it is easy to do and often successful. Cyber criminals are quick to find ways to get around strengthened security. The malware just keeps on coming:
- the world faces over 100,000 malicious websites and 10,000 malicious files daily
- phishing attacks account for more than 80% of reported security incidents
- Google has registered over 2 million phishing sites as of January 2021 – this is up from 1.7 million in January 2020, which equates to a 27% increase in 12 months
- in 2019, 93.6% of observed malware was polymorphic, meaning it has the ability to continually change its code to evade detection
- cyber attackers sought to profit from the unprecedented challenges brought on by the pandemic: they disrupted COVID-19 efforts and critical supply chains – supply chain attacks which grew 420% in just 12 months
- deepfakes and disinformation will become even more major threats in the future
Severe Lack of Cybersecurity Measures
With those potential losses looming, enterprises are realizing they have to spend money to protect themselves and are planning their budgets accordingly. But a lot remains to be done:
- in 2019, 60% of breaches exploited vulnerabilities for which a patch was available but not applied
- phishing emails, lack of training, and weak passwords are some of the top causes of successful ransomware attacks
- almost 50% of business PCs that got infected once in 2019 were re-infected within the same year
- smaller organizations (1–250 employees) have the highest targeted malicious email rate at 1 in 323
- 66% of companies will be spending some of their increased budget to comply with laws and regulations – many of these companies complain that compliance mandates are a “distraction” from executing strategic plans
The Data at Risk
- the world will store 200 zettabytes of data by 2025
- the aforementioned data will be stored on private, public, and utility IT infrastructures and cloud data centers, personal computing devices such as PCs, laptops, tablets, and smartphones, and on IoT (Internet-of-Things) devices
- the number of internet-connected devices is expected to increase from 31 billion in 2020 to 35 billion in 2021 and 75 billion in 2025
The Takeaway: Act Now or Risk Data Loss and Security Breaches
Cybersecurity statistics can point to gaps, growing threats, and alert us to trends. The challenge is adapting the data into a functional and agile risk management strategy to be able to better protect ourselves. The need for better cyber-hygiene and data loss prevention is evident.
The alarming cybersecurity statistics for 2021 and beyond are a call to action for all company leaders around the world to take risk management more seriously. Considering the prevailing lack of qualified cyber workers, the limited knowledge of the magnitude of threats out there, as well as the unawareness of viable and trustworthy solutions, this may seem easier said than done. But it doesn’t have to be.
How Retarus can Help to Protect Your Business Data
Retarus is an IT and communications firm based in Munich, Germany. We offer a broad variety of affordable, secure, and reliable cybersecurity services such as our cloud solutions for fax, email, and SMS via our Communications Platform, our Secure Email Platform for business email, as well as our Business Integration Platform for Managed EDI Services and E-Procurement. We are experts at detecting malware and other threats – all while working entirely GDPR-compliant. With Retarus, your data remains available, intact, and confidential – anytime, anywhere in the world.
Forbes: Alarming Cybersecurity Stats: What You Need To Know For 2021 by Chuck Brooks
CSO: Top cybersecurity facts, figures and statistics by Josh Fruhlinger
Comparitech: 300+ Terrifying Cybercrime and Cybersecurity Statistics & Trends by Andra Zaharia
IBM Security: Cost of a Data Breach Report 2020