With the growing cost of cyberattacks, organizations must be well-prepared as we go deeper into 2021. Making yourself aware of the alarming cybersecurity stats 2021 is a critical first step. Knowing the latest cybersecurity stats enables organizations to plan and implement a robust cybersecurity strategy.
Read on to know more about the alarming cybersecurity stats of 2021.
Shocking Cybersecurity Stats 2021 That You Must Know!
The State of Readiness
Nearly 80% of IT/ IT security leaders are not fully confident about their company’s security posture (Forbes). They believe that their companies are not fully protected against potential threats despite increased investments in cybersecurity. This worry has been specially accelerated by today’s dynamic and complex IT environment with remote work, new technology adoption, and so on.
Over 77% of organizations do not have a cybersecurity incidence response plan in place! (Cybintsolutions) A prompt and effective response to a cybersecurity incident enables organizations to minimize impact and reduce losses. This cybersecurity stat highlights that most organizations are ill-prepared to face cybersecurity incidents. On the other hand, 47% of SMEs do not have any idea how to protect themselves against cyber attacks! (Fundera)
95% of cyber-attacks are caused by human error! – according to IBM study. With the rise in social engineering attacks and poor awareness of cyber hygiene, humans are the weakest links in cybersecurity. Businesses need to invest in continuous and effective user education. It needs to be part of the cybersecurity strategy.
Another worrying cybersecurity stat in 2021 is that 58% of companies have 1,000+ inactive user accounts (varonis). In particular, 40% of financial services organizations have 10,000+ inactive user accounts! Inactive user accounts provide a fertile ground for attackers to orchestrate breaches and gain access to critical business assets(varonis). Put differently, inactive user accounts increase the organization’s attack surface by providing easy entry points for attackers.
61% of companies have 500+ users with non-expiring passwords! (varonis)This cybersecurity stat is alarming because non-expiring passwords go against the tenets of a strong password policy. They put the user data at risk since they provide easy gateways for brute force attacks.
Another major vulnerability, exposing the poor state of readiness of businesses, is overexposed data. Research finds that 53% of companies have 1000+ sensitive files open to all employees! (varonis) This kind of access is what the attackers are constantly on the lookout for. All they need to do is gain illegitimate access to the employee’s credentials!
The FBI has reported a 300% rise in reported cybercrimes in the US since the beginning of the pandemic. It takes businesses around 197 days on average to identify cyberattacks and 69 days to contain them. So, the reported number of cybercrimes does not necessarily show the full picture.
Additionally, several organizations fail to report cybersecurity incidents despite being mandated by laws and/or security regulations to do. This is usually because of the legal action and hefty fines that cybersecurity incidents attract. Putting these two factors together, the actual number of cyberattacks is much bigger!
Despite seeing a 48% fall in the number of reported data breaches to 3932 in 2020, the total number of records exposed by such breaches exceeded 37 billion! (Riskbasedsecurity) That is a whopping 141% increase in the number of records exposed in 2020. This is, by far, the highest number of records exposed by data breaches in a single year ever.
5 major data breaches in 2020 exposed 1 billion or more records each while 18 data breaches exposed between 100 million and 1 billion records each!
The severity of data breaches is known to have increased by a factor of 10 in 2020. In Q1 2020, breach severity was found to be 4.75 on average. In Q4 2020, the figure reached 5.71! (RiskbasedSecurity)
Cybersecurity Threat Statistics: Nature, Magnitude and Sophistication
Here are some important cybersecurity threat statistics, you must know.
- Malware threats increased by 358% in 2020! (deepinstinct)
- Out of the 3932 data breaches in 2020, 676 included ransomware as a part of the attack. The number has doubled since 2019. (RiskbasedSecurity)
- North America saw a 252% increase in cryptojacking attacks in 2020! (Sonicwall)
- With millions of unsecured devices connecting to the internet, DDoS attacks saw a 50% rise in Q3 2020. (Kaspersky Labs)
- 43% of all cyberattacks target small and medium businesses while 64% have experienced some form of web-based attacks. 62% of SMEs have been victims of social engineering attacks. (fundera)
Cost of Cyber-Attacks
The average global cost of a data breach increased to USD 3.86 million in 2020! The healthcare industry faces the highest cost of a data breach at USD 7.13 million! (IBM)
The average time is taken to identify and more importantly, contain data breaches are a major factor affecting the cost. Businesses could save up to USD 1 million by containing breaches within 200 days. (IBM)
The Key Takeaways
Cybersecurity was a serious and fast-growing challenge even before the global pandemic. However, the global pandemic has further accentuated the security challenges faced by organizations. The alarming cybersecurity stats 2021 highlight the need for robust and effective cybersecurity for organizations of all kinds. As you forward, it’s time to test and upgrade your security program with security service providers like Indusface and fight back against the emerging threats.