The Ultimate List of Cybersecurity Statistics for 2023

Rebekah Carter

Updated April 18, 2023

Cybersecurity is a common topic among consumers and businesses alike.

As we continue to spend more of our lives in the digital world, we’re all looking for ways to keep ourselves, and our data secure. Unfortunately, while digital transformation unlocks countless opportunities for better communication, innovation, and productivity, it also paves the way for new forms of cybersecurity attacks.

The consistent effort to secure the digital environment has driven an ever-growing cybersecurity market. By 2028, experts predict the industry will be worth around $372.04 billion. Already, the space stood at a value of around $179.96 billion as of late 2021.

These cybersecurity statistics will tell you everything you need to know about the landscape.

Key Cybersecurity Statistics – Editor’s Choices

  • Cybersecurity market size is growing at around 10.9% CAGR worldwide
  • The 2020 pandemic caused a significant uptick in cybercrime and phishing.
  • Healthcare is the most expensive industry for data breaches, with lost data causing around $7.18 million in losses during 2020.
  • It can take up to 280 days for a cybersecurity breach to be discovered and contained.
  • Around 95% of cybersecurity breaches are a result of human mistakes

Cybersecurity Statistics: The State of Cybersecurity

1. In 2020 total security spend was at $123 billion


Gartner found responding security issues is one of the biggest challenges companies faced in 2020. The overall average security spend for 2020 sat at around $123 billion, with many organizations investing in things like automated security checking and intelligent systems.

2. The number of data breaches increased by 2020

RiskBased Security

In 2020, RiskBased Security found that data breaches exposed around 36 billion records, just in the first half of the year. That’s double the number of records exposed throughout the whole of 2019. The study also found that around 43.6% of the companies reporting data breaches in 2020 omitted the number of records exposed, indicating a higher degree of loss.

number of data breaches

3. Most security breaches are caused by humans

Cybint Solutions

We often assume that bad technology is the cause for cybersecurity problems, but around 95% of security breaches actually come from human error, according to Cybint solutions. The best first-step for any security strategy may therefore be properly training teams to stay secure.

4. Cybercrime issues could account for around $5.2 trillion in losses


Accenture found that in the years from 2019 to 2024, the total losses experienced by cyber crime could add up to around $5.2 trillion. Notably, Accenture also found that malware is currently the attack type that costs the most to overcome. The price of dealing with malware has increased by 11%, while the cost of malicious insider attacks from within the business has risen by 15%.

direct vs indirect cyber risks

5. 497 data records per second were stolen or lost on average in 2019


An Iomart study revealed that around 479 data records were either stolen or lost every second during 2019. This accounts for around $71,823 lost per second, or an average of $6,205,479,452 lost per day, according to the company’s calculation of information value.

A data breach can also cause a company to lose value in terms of stock and reputation. The average company would experience a value drop of around 7.27% after a cybercrime issue. This could lead to millions in loss for larger businesses.

company value drops due to cyber attacks

6. Security services made up 50% of cybersecurity budgets in 2020


Gartner’s review of information security spending in 2019 found that worldwide investment in security services is increasing. In 2020, around 50% of spending for cyber issues was dedicated to security services designed to help companies overcome common vulnerabilities.

7. The most expensive component of a cyberattack is lost information


Accenture’s 2019 Cost of Cybercrime Study found that the most expensive component of any cybersecurity issue is information loss, equating to around $5.9 million. The report also found that people-based attacks are currently increasing the most today, with Malware increasing by 11%, and web-based attacks seeing an increase of 13%.

types of cyber attacks

Cybercrime Statistics: Preparedness

8. 64% of Americans have no idea what to do in the event of a breach


Varonis found most American citizens don’t know what to do if they’re hit with a data breach. Around 64% said they wouldn’t know what to do if data was stolen, and another 64% have never even checked to see whether they’ve been victim to an attack.

9. It takes an average of 280 days to find and contain a data breach

Ponemon Institute

According to the Ponemon institute, it takes up to 280 days on average for companies to find the source of a data breach after a cybersecurity issue. The number of days on average can vary depending on the industry. For instance, retail workers often find the source of a breach within 197 days.

10. Companies leave a huge number of sensitive files open to employees


The Varonis team found that the average employee has access to around 11 million files at work. Around 17% of all sensitive files are also accessible to all employees, and 15% of companies leave more than a million files available for any staff member. Even worse, the same Varonis study found that 60% of companies have over 500 accounts with non-expiring passwords.

sensitive files statistics

11. Vulnerabilities are everywhere


Verizon notes that around 93% of all malware arrives on our computers via email, and phishing is currently the number one form of social engineering attack. Phishing accounts for around 80% of all reported incidents today. Of course, there are plenty of other sources of vulnerability today’s companies aren’t prepared for. Around 11,000 exploitable issues are listed by the CVE database today, and 34% had no patches available at the end of 2019.

12. 18% of SMBs still list security as their lowest priority

Kennet Research

Despite a rising number of cybersecurity attacks, around 18% of SMBs in 2019 said they consider cybersecurity investment and protection to be their lowest priority. A further 66% of respondents said they consider a cyberattack to be an unlikely issue for their business, even though 67% of SMBs were hit by an attack in 2019.

Cybersecurity Statistics: Cybercrime Trends

13. Malware is the most common cybercrime attack

Tech Target

Studies show that the most common form of cybercrime in 2020 was malware (34%), followed closely by Phishing (25%), and unauthorized access to specific pieces of personal information (20%). The report also found that social security numbers are being stolen at an increasing rate, with breaches increasing by 500% between 2016 and 2019.

forms of cybercrime

14. Healthcare, IT, Finance, and Public Administration are the main target for data breaches

RiskBased Security

In 2020, the pandemic prompted healthcare to take the top spot as the most targeted industry for cybercrime and attacks. 341 reports were reported during Q3 of 2020 in healthcare, followed by 306 in Information, 274 in finance and insurance, and 259 in public administration.

most popular industries for cyber attacks

15. The average ransomware payment rose by 33% in 2020

Fintech News

The cost of ransomware in cybercrime is increasing, particularly following the pandemic. According to Fintech News, Coronavirus has led to a 238% increase on attacks on banks. What’s more ransomware attacks 148% in March, with the average price of a ransomware payment raising by 33% in 2020 to $111,605.

16. Ransomware detections are more dominant in countries with high levels of internet connections


The more connected a country is, the more likely they are to face ransomware attacks. The US is the current leader in ransomware attacks, accounting for 18.2% of all breaches worldwide. Symantec has also found a rapid increase in the number of ransomware variants appearing each month.

ransomware detecion by country

17. By 2023, there will be an average of 15.4 million DDoS attacks worldwide


Cisco’s annual internet report for 2018 to 2023 notes that DDoS attacks are growing increasingly prevalent in the digital world. The report indicates there will be around 15.4 million DDoS attacks happening worldwide by 2023. Cisco also believes that new risks will emerge in the form of 5G, networked devices, and public Wi-Fi hotspots. Year over year, the number of DDoS attacks has increased by around 39%.

Cybersecurity and the 2020 Pandemic

18. Since the pandemic began in 2020, cybercrime reporting increased by 300%

IMC Grupo

Working together on a report into cybercrime, Google and the FBI Internet Crime Complaint center revealed a huge increase in attacks since the start of the pandemic. The number of complaints rose from around 1000 issues per day, to between 3,000 and 4,000 in the pandemic. Google also reported a massive increase in COVID-19 related phishing attacks.

19. Cybersecurity incidents have increased in almost every industry


According to Verizon, 2020 saw around 157,525 collected incident reports and 108.069 breaches. More than 100,000 of the breaches reported involved compromised credentials of individual users cloud data and bank account details. The most significant rise in incidents appeared to happen in the Accommodation industry, followed by administration, agriculture, construction, education, entertainment, finance, and healthcare.

cyber accidents by industry

20. Americans lost $97.39 million to Stimulus Check Scams


Many of the major issues with cybersecurity that arose from the pandemic came from criminals taking advantage of vulnerable people during lockdowns. Online shopping scams were particularly common, with 23,296 cases as of August 2020. However, Americans were also found to have lost around $97.39 million to COVID-19 stimulus check scams during 2020 too.

stimulus checks scams

21. Remote work has increased the cost of data breaches


IBM’s research into global cybersecurity and data breaches found that the cost of a data breach has increased with the arrival of remote work. On average, the cost to a company for a single data breach can range to around $137,000. This might have something to do with the findings from other pandemic studies. For instance, 47% of employees cited distraction as the primary reason for falling for phishing scams at home.

22. Remote workers have caused security breaches in 20% of organizations


Research into the cybersecurity risks of remote work indicate that hybrid and distance workers could represent a significant problem for teams. Around 20% of companies say they dealt with security issues as a result of remote working activities. 24% said they had to pay to deal with a malware attack or cybersecurity breach following lockdown orders, and 18% admitted cybersecurity wasn’t a priority for their remote employees.

security breaches due to remote working

Cybersecurity Statistics by Industry and Business Size

23. Healthcare is a focus area for cybercrime

HIPAA Journal

While all companies from any industry can face the threat of cyber criminals, healthcare is particularly at risk. During 2020, Healthcare breaches per month accelerated at an incredible rate. According to the HIPAA journal, around 95 breaches of 500 or more records were recorded during September, an increase of 156.75% compared to August.

24. The average cost of a financial services data breach is $5.85 million


The average cost of a data breach in financial services is around $5.84 million. In 2020, financial services also boasted the lowest average time to identify and contain data issues, however. The average company in this sector will take around 233 days to detect and contain an issue. Unfortunately, there are still a lot of risk factors. For instance, 64% of financial services companies have over 1000 sensitive files open to access for any employee.

25. Smaller organizations are still at risk


Many companies believe that it’s only the big brands targeted by criminals in cybersecurity events. However, smaller companies have the highest targeted malicious email (phishing) rate according to Symantec. Around 1 in every 323 emails are malicious.

malicious email rate

26. 50% of larger enterprises are spending more than $1 million annually on security


Bigger companies are also dealing with significant levels of risk. Around 50% of large companies with more than 10,000 employees are spending more than $1 million each year on security. Cisco also found that around 43% of these employees were spending between $250,000 and $999,999 per year.

27. The US handles the highest data breach costs in the world


A report by IBM into data breaches caused by cybersecurity problems found the US is the most expensive country for data breaches. US companies spends around $8.46 million on average to respond to data breaches. The second more expensive region was the Middle East, at around $6.52 million. Of all industries in the US with data breach costs to consider, healthcare was the one most likely to lead to expensive outcomes.

costs of a data breach

Understanding Cybercrime Statistics

Cybercrime will always be a central concern for businesses in the digital world. As companies continue to rely more on access to the right technology for innovation and growth, the potential for cybercrime issues continues to increase. Being aware of the numbers could mean you can make better decisions about your cyber protection strategy.

Want to Learn More?

← Back to Blog

Rebekah Carter is an experienced content creator, news reporter, and blogger specializing in marketing, business development, and technology. Her expertise covers everything from artificial intelligence to email marketing software and extended reality devices. When she’s not writing, Rebekah spends most of her time reading, exploring the great outdoors, and gaming.

Let us guide you so that you can make the right choice

Simplify your software search and get started by browsing our categories.

Browse our categories
Featured on

© 2023, a SoHo Media Ltd company. All Rights reserved.
Affiliate Disclosure | Cookie Policy | Privacy Policy | Terms of Use | Sitemap