The past few years have highlighted just how large of a threat cybercrime is becoming. 2021 broke many records for cybersecurity statistics, including the largest ransomware attack in history, increased cyberattacks due to remote working, and more money spent on cybersecurity than ever before.
As we enter a new year, there are already projections that the current cybersecurity situation will continue to worsen, affecting governments, businesses, and people all around the world. Although the outlook for cybersecurity in 2022 doesn’t look great, being aware of the risks will help individuals, companies, and countries to protect themselves from the dangers that could lie ahead.
The team at PrivacySharks has put together the most important cybersecurity statistics and projections for 2022. Take a look below!
The 10 Most Important Cybersecurity Statistics and Facts in 2022
If you’re short on time, here are the 10 most important cybersecurity statistics and facts in 2022 that you should know about.
- Surprisingly, small-to-midsized businesses suffer from half of all cyberattacks. 60% of targeted companies go out of business within six months of a security breach.
- 95% of all cyber security breaches are caused by human error and over the past year, 85% of breaches come from human element.
- Stolen credentials cause 61% of security and data breaches. Make sure you don’t share or mislay your passwords and usernames!
- Cybersecurity experts are in high demand; there is a cyber security professional shortage of around 72 million worldwide.
- Experts believe that cybercrime is going to cost the world $10.5 trillion annually by 2025.
- The cost of ransomware attacks is projected to reach $265 billion by 2031.
- 1 in 3 Americans were victims of a phone scam in 2021, with phone scam losses totaling $29.8 billion.
- The largest ransomware attack to date was the Kaseya hack in 2021 costing $70,000,000.
- There are expected to be six billion phishing attacks in 2022.
- Supply chain attacks are more common than ever; 97% of companies have been affected by a cybersecurity breach in their supply chain.
What Does Cybersecurity Cost the World?
Money makes the world go round, and nearly all cyberattacks are motivated by money. Cybersecurity prevention and response efforts cost increasingly more each year, with prices expected to shoot up in 2022.
- In 2020 cybercrime cost the world a whopping $1 trillion, and this rose to $6 trillion in 2021. At the end of 2021, cybercrime became the third-largest world economy after the USA and China.
- The cybersecurity market is expected to grow by 12% to 15% by 2025 as more people invest in internet security solutions.
- Cybersecurity protection costs are predicted to rise to $170 billion in 2022.
- A malware attack costs a company on average around $2.6 million.
- Information loss is the most costly part of a cyber attack, costing almost $5.9 million.
- Each individual’s stolen record costs $146.
- The USA suffers the biggest losses from data breaches at around $8.64. The Middle East is a close second at $6.52 million.
- Overall data breach costs in 2021 rose from $3.86 million to $4.24 million. This is the highest figure seen in the last 17 years.
- Remote work has had a costly effect on data breaches, with costs increasing by $1.07 million.
- In 2020, the US President’s Budget included $17.4 billion for cybersecurity-related activities, which increased by $790 million from 2019.
Covid-19 and Cybersecurity
Unsurprisingly, the Covid-19 pandemic has had and continues to have, a detrimental effect on cybersecurity. It looks like Covid-19 will continue to affect cybersecurity.
- Remote work caused by the pandemic has led to a massive increase in the use of VPN (Virtual Private Network) and RDP (Remote Desktop Protocol) solutions.
- However, the increased use of VPN and RDP solutions has led to more cybercrime since company data can become more easily compromised.
- Cybercrime has increased by 600% since the COVID-19 pandemic began in 2020. Cybercriminals send emails with malicious attachments and phishing links. Scammers have even pretended to be WHO, encouraging users to click on malicious links.
- Unfortunately, 47% of individuals have fallen for a phishing scam while working remotely.
- The average cost of a data breach has increased by $137,000 due to remote working.
- 20% of managers say they faced a security breach due to remote working.
- Zoom, which became a heavily used VoIP service during the pandemic, has suffered from data breaches. Over half a million Zoom accounts have been compromised and found for sale on the Dark Web.
How Often Do Cybersecurity Attacks Occur?
The increase in cybercrime is reflected in the shocking rate of how often cybersecurity attacks occur.
- A cyberattack is thought to occur daily every 39 seconds.
- There are around 2244 cybersecurity attacks per day.
- IoT devices endure around 5,200 cyber-attacks each month.
Cybersecurity GDPR Statistics
The GDPR (General Data Protection Regulation) enforces rules to ensure personal data is protected. However, there has been a sharp increase in GDPR-related breaches, as well as many companies not fully complying with the regulations since they came into effect in 2018.
- Companies are predicted to continue spending a lot on GDPR in 2022. Businesses are estimated to spend around $9 billion on GDPR.
- 88% of companies spent more than $1 million in preparation for GDPR regulations.
- In 2018 (the first year of GDPR), 144,000 complaints were filed with GDPR enforcement agencies and there were 89,000 data breaches. Fines reached $63 million in the first year.
- $57 million GDPR-related fines have been issued to Google.
Industry-Specific Cybersecurity Statistics
Every industry is at risk of cyberattacks, with construction and healthcare at the top of the list.
- During the Covid-19 pandemic, there has been a reduced focus on cybersecurity which led to an increase in cyberattacks against hospitals by 45% in 2020.
- In response to the increase in cybersecurity, the healthcare industry is estimated to spend around $125 billion between 2020 to 2025 to improve cybersecurity.
- In the past two years, 89% of healthcare organizations have experienced a data breach and in the past three over 93% have experienced a data breach.
- Healthcare cybersecurity breaches cost more than other industries at around $17.3 million.
- $25 billion was lost to ransomware attacks in 2019.
- On average, healthcare services have had 113,491 confidential files exposed.
- A financial company suffers an average loss of around $18.3 million due to cyberattacks.
- 352,771 sensitive financial services files have been exposed which is around 21%.
- A financial services data breach costs on average around $5.85 million USD.
- It takes on average 233 days for a financial business to detect and contain a data breach.
- The US government had 1.2 billion sensitive records compromised in 2018.
- The US government spent around $18.78 billion on cybersecurity in 2021.
- Worldwide government organizations suffer 13% of all ransomware attacks.
- On average a ransomware attack on a business costs $133,000.
- Over 77% of businesses lack an incident response plan.
- Worryingly, only 5% of most companies’ folders are adequately protected from cyber attacks.
- Small businesses, consisting of between 1–250 employees, are most at risk of receiving malicious emails with 1 in 323 being targeted.
- The overall loss a company incurs due to a data breach is on average $3.92 million.
- The cost of cybersecurity per employee has steadily increased over the years rising from $2,337 in 2019 to $2,691 in 2020, and expected to grow further in 2022 and onwards.
- 50% of large companies (with more than 10,000 employees) spend upwards of $1 million per year on cybersecurity.
- Six out of ten small businesses shut down six months after suffering a security breach.
- Companies with a zero-trust approach to security reduce the cost of a breach by $1.76 million.
- Schools are currently the second most targeted industry for ransomware attacks, with education overall being the sixth most targeted industry.
- Education records are extremely profitable and sell for up to $265 on the Dark Web.
- 41% of cybersecurity breaches at universities are caused by social engineering attacks.
- 30% of internet users based in the education field have been victims of phishing emails.
- Out of 17 industries, education was ranked as the least secure in terms of cybersecurity.
Cybersecurity Job Statistics
The cybersecurity job industry is booming, with many more jobs appearing every day. However, there are also risks within the cybersecurity job industry.
- The US cybersecurity workforce consists of around 925,000 people but around 510,000 of these are currently unfilled.
- The cybersecurity industry currently has a 0% unemployment rate.
- Due to the cybersecurity staff shortage, the US government has started to use AI (Artificial Intelligence) software to fill the gaps.
- New employees have the highest risk of incurring a cyberattack, with almost 60% of new hires being a risk.
- 30% of data breaches are carried out by or involve internal actors.
- On average, employees have access to 11 million files, which poses a risk to businesses’ cybersecurity.
Ransomware is fastly becoming the biggest cybersecurity threat to businesses and individuals. 2021 saw the most expensive ransomware attack in history occur, and predictions indicate it won’t hold that position for long.
- Global ransomware damages reached $20 billion in 2021.
- Ransomware is predicted to cost $265 billion (USD) annually by 2031 with attacks taking place every 2 seconds.
- The USA suffers from the most ransomware with 18.2% of all attacks occurring there.
- The average amount of monthly ransomware transactions in 2021 was a whopping $102.3 million.
Phishing attacks are an extremely common way for scammers and hackers to either steal money or gain sensitive information from internet users.
- Phishing increased vastly in 2020, accounting for 1 in every 4,200 emails.
- 65% of cybercriminals groups use spear-phishing as the primary infection tool. Spear-phishing is when criminals send emails to encourage users to give them information.
- 80% of security incidents are phishing attacks.
- Every 60 seconds $17,700 is lost because of a phishing attack.
- 97% of the population cannot recognize a phishing scam.
- 83% of organizations were the targets of phishing attacks in 2021.
- 30% of phishing emails are opened, which exposes many people to risks.
- A whopping 93% of social attacks are linked to phishing attacks.
- 22% of security breaches are linked to phishing.
- Phishing attempts increased by 667% in March 2021.
- In 2021, scammers took more than $100,000 with a Twitter phishing attack.
Malware takes many shapes and forms, with ransomware, Trojans, and worms falling under the Malware umbrella term. Therefore, there are many ways that individuals can be targeted by malware in 2022 and beyond.
- The average loss of time with a malware attack is 50 days.
- 94% of malware is sent by emails in phishing or spam emails.
- Office files make up 48% of malicious email attachments.
- 17% of security breaches involve malware.
- Google reported 18 million COVID-related daily malware and phishing emails during the pandemic.
Supply Chain Attack Statistics
Supply chain attacks are more common than ever, with cybercriminals frequently compromising services to gain access to multiple businesses’ systems.
- Supply chain attacks in the US increased by 42% in the first quarter of 2021 alone.
- Around 93% of businesses have suffered a security breach due to supply chain attacks.
- The federal government is adapting supply chain issues into the government security strategy.
Cybersecurity and Mobile Usage
Smartphones are increasingly being attacked by cybercriminals. Remote working means that many employees have been using their phones to work, but these devices are usually not as secure as computer or other devices, leaving them vulnerable to cyberattacks.
- 46% of companies have had an employee install a malicious mobile app.
- 1 in 36 mobiles contain high-risk apps which could have malware.
- 40% of mobile phones are susceptible to cyberattacks.
Cryptocurrency and Cybercrime
Cryptocurrencies were center stage in 2021, with the cost of Bitcoin drastically rising. This led to the production of many different cryptocurrencies, and unfortunately, a lot of cybercrime.
- 25% of businesses have been victims of cryptojacking (mining coins on a user’s device without them knowing).
- Cryptomining is linked to 90% of remote code execution attacks.
- Globally, crypto scammers netted around $14 billion in cryptocurrency in 2021.
Predictions in Cybercrime
Cybercrime is rapidly evolving, meaning that cybersecurity is too. Here are some of the world’s predictions for the cyber sector in the near future:
- Cybersecurity groups are expected to join forces, which could reduce protection rates to as low as %0.05.
- IoT devices will endanger households in the future, with homes currently experiencing 104 threats to IoT devices each month.
- The rollout of a 5G network comes with certain cybersecurity risks since it moves from more controlled hardware switching to software-defined routing.
- Distributed Denial-of-Service (DDoS) attacks are predicted to grow to 15.4 million by 2023.
General Cyberattacks Statistics
To round up this list of essential cybersecurity statistics and predictions for 2022 are some additional interesting facts that we wanted to include.
- Zero-day attacks (in which cybercriminals exploit vulnerabilities before cybersecurity professionals can fix them) became exceedingly more common in 2021.
- 58% of breaches in 2020 involved compromised personal data.
- The average lifecycle of a breach was 280 days including identification to containment.
- 45% of security breaches are hacking-related.