Join Us at the Black Hat CISO Event at Mandalay Bay on August 5 RSVP Now.×
Home » Spin.AI Blog » Cybersecurity » The Latest Cybersecurity Statistics By Category
December 9, 2021 | Updated on: April 18, 2024 | Reading time 7 minutes

The Latest Cybersecurity Statistics By Category

Avatar photo

Product Manager

Previous years had shown the continuous rise of various digital threats. Cybersecurity professionals are not standing still for these threats and try to address them properly.

In some sense, 2020 was special—the coronavirus pandemic and the global shift to remote working became significant factors affecting the cybersecurity landscape. How exactly? Let’s find out from the latest cybersecurity statistics.

Cybersecurity Statistics 2021

By the end of the year, worldwide spending on cybersecurity is going to reach $123 billion. Despite this impressive number, the industry still has the potential to grow even further in order to address various cyber threats. Also, the lack of appropriate security measures is widely observed. For example, 43% of SMBs don’t have any cybersecurity plans in place.

The facts below represent key cyber threats and their impact in 2020. We hope they will allow you to understand the modern cybersecurity landscape and its challenges better.

Data Breach Statistics

Experiencing a data breach can result in various undesirable consequences for companies. These include financial and reputational damages, disruption of business continuity, and violations of compliance requirements.

Here are some of the most recent data breach statistics  (according to IBM’s Cost of Data Breach Report 2020):

  • Attacks on supply chain attacks rose by 42% in Q1 2021 in the US. It affected approximately 7M people. According to the Identity Theft Resource Center (ITRC), 137 organizations reported being hit by supply chain cyber-attacks at 27 different third-party vendors.
  • The average cost of a data breach is $3.86 million, which is 1,5% lower than in 2019
  • The average cost of a breach for organizations with incident response teams and plans is $3.29 million. For organizations without teams or plans, the damages are higher—$5.29 million
  • The average cost per customer PII (Personally Identifiable Information) record is $175
  • The main reasons behind malicious breaches are compromised credentials, cloud misconfiguration (both 19%), and vulnerability in third-party software (16%).

Related: The Cost of Data Breach – Calculate the ROI of Backup and Disaster Recovery Software

Ransomware: The Growing Menace

Ransomware has been a significant threat for individual users and organizations alike for a long time. Recent ransomware statistics information shows that this type of malware is on the rise.

Cybersecurity Statistics: yoy increase of ransomware damage in $ (2015-2021)
  • According to US Treasury, $5.2 billion in BitCoin transactions is due to ransomware payments.
  • FinCEN identified 68 different ransomware strains active in H1 2021 based on SARs. REvil/Sodinokibi, Conti, DarkSide, Avaddon, and Phobos were the most common.
  • The average ransom payment increased by 82% from $312K in 2020 to $570K in the first half of 2021
  • A new ransomware attack occurs, approximately, every 11 seconds.
  • The average sum that hackers demand to release locked data continues to increase, reaching $111,605. This is a tremendous growth compared to $6,733 in 2018 and $36,295 in 2019. In other words, the average ransom demand has grown more than 16 times in less than two years. Ryuk and Sodinokibi are enterprise-targeting ransomware strains responsible for this surge.
  • The average ransom payment reached $233,817 in Q3 2020, which is 31% higher than in the previous quarter.
  • The average downtime cost of a ransomware attack reached as high as $283,800 compared to $141,000 in the previous year.

Related: Enterprise ransomware prevention guide


Criminals have taken advantage of the panic caused by coronavirus to intensify phishing attacks and spread malware. Let’s take a look at this year’s phishing statistics to evaluate the extent of the phishing threat.

  • Phishing rose 220% compared to the previous year
  • 42,8% of malicious attachments in phishing messages were Microsoft Office documents
  • Most often, phishing attacks target SaaS companies (34.7%)
  • Gmail blocks more than 100 million phishing emails each day

Related: Phishing Prevention Measures

Insider Threats: A Danger From Within

Careless or malicious human behavior patterns often referred to as insider threats, can be a reason behind data breaches and other security incidents. This type of threat has increased by 47% in the past two years.

According to a report by the European Union Agency for Cybersecurity, the average annual cost of cybersecurity incidents caused by an insider is €11,45 million (approximately $13,71 million).  Here are some stats to highlight the danger of insider attacks (source: 2020 Insider Threat Report).

  • In 38% of cases, loss of critical data, and operational disruption were consequences of insider attacks. 24% of attacks resulted in brand damage
  • 54% of respondents name customer data as the most vulnerable to insider attacks. Intellectual property is the second-most vulnerable information (47%), and financial data is the third (46%). Other vulnerable information includes employee (43%), company (36%), and sales & marketing data (29%)
  • 81% of organizations find it difficult to assess the full impact of insider attacks
  • 88% of respondents recognize the importance of unified security for apps, devices, and other systems

Related: Insider Threats Mitigation

Key Intake

The facts speak for themselves—the danger from various cyber threats continues to grow. The danger can come from both inside and outside of an organization. Insider threats can lead to a data breach as sure as a cyber attack organized by hackers.

To face the challenges of the modern cybersecurity landscape, SMBs and large organizations alike need to use a multi-layered approach to protect their data from loss and damage. Creating a cybersecurity policy is a great way to structure your security, data protection, and incident response measures.

Read next: Creating a cybersecurity policy template

Frequently Asked Questions

How many cyber attacks happen per year?

The number of cyber attacks varies from year to year and depends on various factors such as advancements in technology, security measures, attackers’ motives, etc. As technology continues to advance, the number of cyberattacks has generally been increasing. According to various sources, there are an estimated 800,000 reported cyber attacks that happen each year.

Is phishing the most common cyber attack?

Phishing is one of the most common types of cyber attacks with over 500 million phishing attacks reported in 2022. That’s twice more of reported attacks in 2021.

How many new malware are detected each day?

560,000 new pieces of malware are detected every day. Currently, there are now more than 1 billion malware programs circulating.

Was this helpful?

Thanks for your feedback!
Avatar photo

Written by

Product Manager at Spin.AI

Will Tran is the Product Manager at Spin.AI, where he guides the product's strategic direction, oversees feature development and ensures that the solution solves his clients’ cybersecurity needs.

Will is a security professional who started his career at Lockheed Martin where he worked on National Security Space programs in business development and product management.

Will holds a BA in Economics and Mathematics from UCSB and an MBA with a specialization in Technology Management and Marketing from UCLA Anderson School of Management.

At Lockheed Martin, Will developed the multi-year strategy campaign and supported the product development of a national security satellite program for the United States Air Force, which resulted in a multi-billion dollar contract.

During business school, Will consulted 2 non-profit organizations as part of a series of national consulting case competitions. He set strategic priorities, optimized business operations, and developed a process to qualify new revenue streams for his non-profit clients. These initiatives resulted in 15-20% increase in annual surplus.

In his spare time, Will can be found at local coffee shops around Los Angeles, traveling to different countries, or hanging out with his cat.

How Can You Maximize SaaS Security Benefits?

Let's get started with a live demo

Latest blog posts

Mastering Disaster Recovery – Best Practices in 2024

From natural calamities to cyber threats and system failures, organizations face numerous challenges that can...

Avatar photo

Product Manager

Read more
SaaS backup and application governance

Expert Insights: SaaS Backup and Application Governance (Part 3)

Welcome back to our blog series on SaaS data protection. Part 1 focused on data...

Avatar photo

Former Gartner Analyst, Backup & Recovery

Read more

Protecting Your SaaS Environment: Insights from the Snowflake Incident

High-profile breaches are in the news more than ever before. However, data breaches are no...

Avatar photo

Product Manager

Read more