UPDATE 7/26/2017: This post has been updated with new stats and additional information based on changes in the world of cyber security since the original version went live.

Data breaches are big news these days. It seems you can’t go one day without reading about a big hack to businesses or even the U.S. government.

The number of new attacks is so staggering, it could make even the strongest among us break down and cry.


With so much news hitting the web, it can be hard to keep track of how the cyber security sector is changing and how direly some industries are threatened. Not to mention, cyber security stats from a few years ago are considerably outdated due to unprecedented growth in cybercrime.

While you can invest in network security, computer security, or even efforts to stress phishing education to your employees, sometimes you can’t quite quell something that’s an out-of-hand problem for so many.

But you can learn more about it to better respond to the common ways hackers are trying to break into your system.

The cost of cyber crime

1.Financial gain was the motivation for half of cyber security attacks in 2017. (Source: ISACA)

2. The cost of cyber crime is expected to reach over $2 trillion by 2019. (Source: Juniper Research)

3. In 2016, cybercrime cost the global economy upwards of $450 billion. (Source: CNBC) >>> Tweet this!

4. The cost of an average data breach in 2017 is actually down from previous years, hovering around $3.62 million. (Source: IBM) >>> Tweet this!

Credit: IBM

5. $3 billion were lost in the last three years through email scams sent to over 400 companies every day. (Source: Symantec)

6. The cost of an average ransom climbed to nearly $1,100 in 2016. (Source: Symantec)

7. Over 60% of Americans are willing to pay a ransom for internet extortion, almost twice as much as the global 34%. (Source: Symantec)

8. The White House plans to invest $19 billion in cyber security spending in 2017, up from $14 billion in 2016. (Source: Cybersecurity Ventures)

Risks and vulnerabilities

9. Over 75% of all legitimate websites contain unpatched vulnerabilities. (Source: Symantec) >>> Tweet this!

10. Over 80% of cyber attacks are perpetrated via weak or stolen passwords. (Source: Panda Security)

11. 44% of security alerts go uninvestigated due to the overwhelming amount of information received by security officers. (Source: Cisco)

12. Email is more dangerous than ever: one in 131 emails—the highest rate in five years—contain malware. (Source: Symantec)

13. Phishing scams target businesses: corporate email accounts are six times more likely to be targeted than personal ones. (Source: Panda Security)

14. Most cyber attacks happen in the middle of the work week, when scammers can easily contact prime targets via email. (Source: Rapid7)

Credit: Rapid7

15. Former employees pose a big threat: Over 25% of employees report stealing company data when leaving a job. (Source: Law Journal Newsletters)

16. 58% of cyber attacks in the financial industry and 71% of attacks in healthcare industries come from the inside. (Source: IBM)

17. 2 billion personal records stolen were stolen in the U.S. in 2016, 100 million of which were medical records. (Source: CNBC)

Effects on small business

18. Over 40% of cyber attacks target small businesses. (Source: Small Business Trends)

19. 80% of businesses think they’ll experience a cyber attack sometime this year. (Source: ISACA)

Credit: ISACA

20. Only 33% of SMBs think their organization can prevent a cyber attack. (Source: Ponemon Institute)

21. 69% of SMBs lack an adequate staff and/or budget to keep up with increasing cyber security demands. (Source: Ponemon Institute)

Overview of the cyber security industry

22. Almost half of all security operation managers receive 5,000 alerts per day. (Source: Cisco)

23. Experts predict 24% growth in the cyber security industry over the next seven years. (Source: CSO)

24. The cyber security unemployment rate is at 0%, and there could actually be 3.5 million unfilled positions by 2021. (Source: CSO)

25. It takes six months to fill most cyber security positions (55%). (Source: EMRSOAP)

26. CSO salaries are increasing at a rate of 30% as companies compete for competent tech officers with industry certification. (Source: Forbes) >>> Tweet this!

27. 59% of organizations spend $1,000 or more on continuing education for security professionals. (Source: ISACA)

Credit: ISACA
28. 52% of organizations report that their security officers lack an understanding of how business works. (Source: ISACA)


Shocked by anything on our list? Know other IT security stats that should have made the cut? Let me know in the comments below.

Looking for IT Management software? Check out Capterra’s list of the best IT Management software solutions.

Leave a Reply