100+ Cybersecurity Statistics 2023

Adam Hide
Updated: Apr 19, 2024

TL:DR

Key Takeaways

Adam Hide

Adam Hide

EVP, Marketing

The digital realm of 2023 presents a complex landscape of both challenges and opportunities. As we increasingly rely on technology in our daily lives and businesses, it becomes a double-edged sword, bringing convenience and productivity, but also exposing us to more cybersecurity threats.

The soaring number of cyberattacks has made cybersecurity more critical than ever before. This year, cybercrime damages are projected to cost a staggering $8 trillion globally. Let’s let that sink in (ouch!).

This blog post will delve into the most significant cybersecurity statistics of 2023, providing a comprehensive view of current threats, impacts, readiness, and incident management. Read on to arm yourself with the knowledge to navigate these digital battlegrounds.

Extent and Costs of Cybercrime

$8 trillion

Cybercrime damages are expected to cost $8 trillion USD globally in 2023.

$570,000

The average ransomware payment skyrocketed 518 percent in 2021 to $570,000.

$3.86 million

The average data breach costs an organization $3.86 million.

$8.64 million

The average cost of a data breach in the United States is $8.64 million.

The average cost of a phishing attack is $1.3 million.

$3.6 million

The average cost of an IoT security breach is $3.6 million.

Cybercrime Threats and Techniques

358%

Malware increased by 358% in 2020.

435%

Ransomware attacks rose by 435% in 2020 compared to 2019.

Artificial Intelligence

Cybercriminals are increasingly using artificial intelligence (AI) and machine learning (ML) to automate their attacks.

Cybercriminals

Cybercriminals are increasingly using social engineering techniques to trick victims into giving up their personal information.

AI-powered cyberattacks are more difficult to detect and respond to.

600%

The number of cyberattacks increased by 600% in the first half of 2022.

Cybersecurity in Organizations

14%

Only 14% of organizations have a comprehensive cybersecurity strategy.

206 days

The average time to detect a data breach is 206 days.

73 days

The average time to contain a data breach is 73 days.

70%

70% of data breaches are never reported to law enforcement.

Remote work has made businesses more vulnerable to cyberattacks.

54%

54% of organizations have experienced a security breach involving IoT devices.

Workforce and Cybersecurity Education

$100,000

The average salary for a cybersecurity professional is $100,000.

31%

The demand for cybersecurity professionals is expected to grow by 31% by 2023.

Cybersecurity talent

The global shortage of cybersecurity talent is a major challenge.

12 Phishing emails

The average employee clicks on 12 phishing emails per year.

Only 50% of employees report phishing emails to their IT department.

Training

Businesses need to provide employees with training on cybersecurity.

4.7 million

The global cybersecurity workforce is estimated to be 4.7 million people.

3.4 million

There is a global shortage of 3.4 million cybersecurity workers.

$110,140

The average salary for a cybersecurity professional in the United States is $110,140.

31%

The demand for cybersecurity professionals is expected to grow by 31% by 2025.

25%

Women make up only 25% of the cybersecurity workforce.

Minorities account for 49% of all cybersecurity workers under the age of 30.

76%

76% of cybersecurity professionals consider recruiting and hiring new employees difficult.

60%

60% of cybersecurity professionals feel the demands of their job limit them from keeping up with cybersecurity skills.

Open roles

More open roles exist for systems security analysts than any other cybersecurity profession.

Cybersecurity education

Cybersecurity education is increasingly being offered at the K-12 level.

Cyberattack Statistics

200%

Ransomware attacks are on the rise, with the average ransom demand increasing by 200% in 2022.

94%

Malware attacks are still the most common type of cyberattack, with 94% of malware being delivered by email.

12 phishing emails

Phishing attacks are also on the rise, with the average employee clicking on 12 phishing emails per year.

Zero-day attacks

Zero-day attacks are the most dangerous type of cyberattack, as they exploit vulnerabilities in software that the software vendor is not aware of.

Malware increased by 358% in 2020.

435%

Ransomware attacks rose by 435% in 2020 compared to 2019.

153 million

There were 153 million new malware samples from March 2021 to February 2022.

93.6%

93.6% of malware observed in 2019 was polymorphic, meaning it has the ability to constantly change its code to evade detection.

57%

57% of organizations experienced a phishing attack in 2021.

36%

36% of organizations experienced a malware attack in 2021.

23%

23% of organizations experienced a ransomware attack in 2021.

Remote work has made businesses more vulnerable to cyberattacks.

Cybercriminals

The Internet of Things (IoT) is a growing target for cybercriminals.

54%

54% of organizations have experienced a security breach involving IoT devices.

Automate attacks

Cybercriminals are increasingly using artificial intelligence (AI) to automate their attacks.

AI-powered cyberattacks

AI-powered cyberattacks are more difficult to detect and respond to.

12 phishing emails

The average employee clicks on 12 phishing emails per year.

50%

Only 50% of employees report phishing emails to their IT department.

Cybercrime damages are expected to cost $8 trillion USD globally in 2023.

518%

The average ransomware payment skyrocketed 518% in 2021 to $570,000.

358%

Malware increased by 358% in 2020.

435%

Ransomware attacks rose by 435% in 2020 compared to 2019.

153 million

There were 153 million new malware samples from March 2021 to February 2022.

93.6%

93.6% of malware observed in 2019 was polymorphic, meaning it has the ability to constantly change its code to evade detection.

50%

Almost 50% of business PCs and 53% of consumer PCs that got infected once were re-infected within the same year.

A 2007 study found that malicious hackers were previously attacking computers and networks at a rate of one attack every 39 seconds.

57%

57% of organizations experienced a phishing attack in 2021.

36%

36% of organizations experienced a malware attack in 2021.

23%

23% of organizations experienced a ransomware attack in 2021.

85%

85% of malware is delivered through email.

42%

Identity theft rose 42% in 2020 compared to the year before.

11%

Security breaches have increased by 11% since 2018 and 67% since 2014.

Cybersecurity Readiness and Practices

67%

67% of organizations have no budget for cybersecurity training.

43%

43% of organizations have no plan for responding to a data breach.

60%

60% of organizations do not have a security awareness program in place.

71%

71% of organizations do not have a process for regularly testing their security controls.

53% of organizations do not have a process for regularly updating their security software.

43%

43% of organizations do not have a process for regularly backing up their data.

64%

64% of organizations do not have a process for regularly training their employees on cybersecurity best practices.

14%

Only 14% of organizations have a comprehensive cybersecurity strategy.

Cyberattacks

Businesses need to take steps to protect themselves from cyberattacks.

Critical issue

Cybersecurity is a critical issue for businesses of all sizes.

Global shortage

The global shortage of cybersecurity talent is a major challenge.

The average salary for a cybersecurity professional is $100,000.

31%

The demand for cybersecurity professionals is expected to grow by 31% by 2023.

67%

67% of organizations have no budget for cybersecurity training.

53%

53% of employees click on phishing emails.

Cyberattack Impact and Costs

$8 trillion

Cybercrime damages are expected to cost $8 trillion USD globally in 2023.

518%

The average ransomware payment skyrocketed 518% in 2021 to $570,000.

$4.24 million

The average cost of a data breach was $4.24 million in 2021, the highest average on record.

$170,000

The average cost of a data breach for small businesses is $170,000.

The average cost of a data breach for large businesses is $3.86 million.

45%

Personal data was involved in 45% of breaches in 2021.

$1.3 million

The average cost of a phishing attack is $1.3 million.

$3.6 million

The average cost of an IoT security breach is $3.6 million.

Devastating impact

Cyberattacks can have a devastating impact on businesses, both financially and reputationally.

Cybersecurity Incident Management

$8.64 million

Data breaches are a major concern for businesses, with the average cost of a data breach in the United States being $8.64 million.

212 days

The average time to identify a breach in 2021 was 212 days.

286 days

The average lifecycle of a breach in 2021 was 286 days from identification to containment.

0.05%

The likelihood that a cybercrime entity is detected and prosecuted in the U.S. is estimated at around 0.05 percent.

53% of employees click on phishing emails.

85%

85% of malware is delivered through email.

71%

71% of organizations have experienced a data breach in the past five years.

11%

Security breaches have increased by 11% since 2018 and 67 percent since 2014.

280 days

The average time to detect a data breach is 280 days.

72 days

The average time to contain a data breach is 72 days.

70%

70% of data breaches are never reported to law enforcement.

Related Articles

venture capital statistics

venture capital statistics

June 28 • Resources

Venture Capital & Startup Statistics to Prep Founders for 2023

To provide you with a comprehensive overview of the VC funding landscape, we have compiled 100 stats that will give you valuable insights into where investors currently stand and where you should aim your sights for 2023. Get ready to navigate the funding world armed with knowledge and confidence.

Preparing for an IPO — How to De Risk the Journey

Preparing for an IPO — How to De Risk the Journey

May 5 • Resources

Preparing for an IPO — How to De-Risk the Journey

Series C fundraising is sometimes the last stop before a company goes public. Here’s how to de-risk those aspirational dreams and what you can expect from this finish line.

Why You Need Operational Risk Management at Series C

Why You Need Operational Risk Management at Series C

May 5 • Resources

Why You Need Operational Risk Management at Series C

Late-stage startups must often navigate more management liability issues than other companies. Let’s discuss how to navigate this maze of scrutiny and gauntlet of operational risks.

Risks for Late Stage Startups How to Overcome Them

Risks for Late Stage Startups How to Overcome Them

May 5 • Resources

Risks for Late-Stage Startups & How to Overcome Them

Late-stage startups face unique challenges when embarking on a Series C funding round, from regulatory compliance to global economic threats. Let’s discuss some risk management solutions to overcome these challenges.

late stage companies

late stage companies

May 5 • Resources

Mapping Out the Landscape for Late-Stage Companies

Fundraising levels for late-stage companies have slowed recently — but moving into new markets is still achievable. Let’s navigate together.

late stage companies

late stage companies

May 5 • Resources

How Late-Stage Companies Can Assign Capital Purpose

In the hunt for capital, late-stage companies must consider the purpose for any newly acquired Series C funds. In our second post of this series, we talk about how to identify that reason.