Phishing, smishing, and business e-mail compromise (BEC) have been the most widespread types of cyber attacks in the United States, resulting in data compromises. In 2023, these attacks made up around 18 percent of the total cyber attacks in the country that led to a violation of personal data. Ransomware attacks ranked second, while malware followed. A significant part of the examined attacks, 58 percent, were unspecified.

Did the COVID-19 pandemic really affect cybersecurity? Short answer – Yes. Cybercrime is up 600% due to COVID-19.

Cyber attacks on businesses are becoming more frequent, targeted, and complex. The effects of a cyber attack go well beyond the direct financial consequences. In 2024, ** percent of respondents indicated greater difficulty in attracting new customers as the main consequence of cyber attacks.

These cybersecurity statistics will help you understand the state of online security and give you a better idea of what it takes to protect yourself.

In 2024, manufacturing saw the highest share of cyberattacks among the leading industries worldwide. During the examined year, manufacturing companies encountered more than a quarter of the total cyberattacks. Organizations in the finance and insurance followed, with around 23 percent. Professional, business, and consumer services ranked third, with 18 percent of reported cyberattacks. Manufacturing industry and cyberattacks The industry of manufacturing has been in the center of cyberattacks in a long time. The share of cyberattacks targeting organizations in this sector in 2018 was at 10 percent, while in 2024, it amounted to 26 percent. The situation is even more compliacted when we look at the cyber vulnerabilities found in this sector. In 2024, critical vulnerabilities in manufacturing companies lasted 205 days on average. IT perspective and prevention With recent technology developments, cybersecurity is crucial to an organization’s success. Realizing this, companies have been gradually increasing cybersecurity investments. Thus, in 2024, the cybersecurity budget worldwide was forecast to increase to nearly 283 billion U.S. dollars. Roughly nine in ten board directors of companies worldwide in professional services and media and entertainment industries say they expect an increase in the cybersecurity budget.

📌 Context of the Dataset

The Healthcare Ransomware Dataset was created to simulate real-world cyberattacks in the healthcare industry. Hospitals, clinics, and research labs have become prime targets for ransomware due to their reliance on real-time patient data and legacy IT infrastructure. This dataset provides insight into attack patterns, recovery times, and cybersecurity practices across different healthcare organizations.

Why is this important?

Ransomware attacks on healthcare organizations can shut down entire hospitals, delay treatments, and put lives at risk. Understanding how different healthcare organizations respond to attacks can help develop better security strategies. The dataset allows cybersecurity analysts, data scientists, and researchers to study patterns in ransomware incidents and explore predictive modeling for risk mitigation.

📌 Sources and Research Inspiration This simulated dataset was inspired by real-world cybersecurity reports and built using insights from official sources, including:

1️⃣ IBM Cost of a Data Breach Report (2024)

The healthcare sector had the highest average cost of data breaches ($10.93 million per incident). On average, organizations recovered only 64.8% of their data after paying ransom. Healthcare breaches took 277 days on average to detect and contain.

2️⃣ Sophos State of Ransomware in Healthcare (2024)

67% of healthcare organizations were hit by ransomware in 2024, an increase from 60% in 2023. 66% of backup compromise attempts succeeded, making data recovery significantly more difficult. The most common attack vectors included exploited vulnerabilities (34%) and compromised credentials (34%).

3️⃣ Health & Human Services (HHS) Cybersecurity Reports

Ransomware incidents in healthcare have doubled since 2016. Organizations that fail to monitor threats frequently experience higher infection rates.

4️⃣ Cybersecurity & Infrastructure Security Agency (CISA) Alerts

Identified phishing, unpatched software, and exposed RDP ports as top ransomware entry points. Only 13% of healthcare organizations monitor cyber threats more than once per day, increasing the risk of undetected attacks.

5️⃣ Emsisoft 2020 Report on Ransomware in Healthcare

The number of ransomware attacks in healthcare increased by 278% between 2018 and 2023. 560 healthcare facilities were affected in a single year, disrupting patient care and emergency services.

📌 Why is This a Simulated Dataset?

This dataset does not contain real patient data or actual ransomware cases. Instead, it was built using probabilistic modeling and structured randomness based on industry benchmarks and cybersecurity reports.

How It Was Created:

1️⃣ Defining the Dataset Structure

The dataset was designed to simulate realistic attack patterns in healthcare, using actual ransomware case studies as inspiration.

Columns were selected based on what real-world cybersecurity teams track, such as: Attack methods (phishing, RDP exploits, credential theft). Infection rates, recovery time, and backup compromise rates. Organization type (hospitals, clinics, research labs) and monitoring frequency.

2️⃣ Generating Realistic Data Using ChatGPT & Python

ChatGPT assisted in defining relationships between attack factors, ensuring that key cybersecurity concepts were accurately reflected. Python’s NumPy and Pandas libraries were used to introduce randomized attack simulations based on real-world statistics. Data was validated against industry research to ensure it aligns with actual ransomware attack trends.

3️⃣ Ensuring Logical Relationships Between Data Points

Hospitals take longer to recover due to larger infrastructure and compliance requirements. Organizations that track more cyber threats recover faster because they detect attacks earlier. Backup security significantly impacts recovery time, reflecting the real-world risk of backup encryption attacks.

An extensive dataset offering key insights into cyber security statistics and trends for 2025, including data breaches, cybercrime costs, threat vectors, and industry-specific impacts.

In 2023, ransomware was the most frequently detected cyberattack worldwide, with around 70 percent of all detected cyberattacks. Network breaches ranked second, with almost 19 percent of the detections. Although less frequently, data exfiltration was also among the detected cyberattacks.

Some industries are affected by cyber attacks more than others. These next cybersecurity statistics detail specifically who is affected by cyber-attacks and why they are.

The average cyber attack takes 280 days to identify and contain and it costs an average of about $3.86 million to deal with properly.

Overview

The RT-IoT2022, a proprietary dataset derived from a real-time IoT infrastructure, is introduced as a comprehensive resource integrating a diverse range of IoT devices and sophisticated network attack methodologies. This dataset encompasses both normal and adversarial network behaviours, providing a general representation of real-world scenarios. Incorporating data from IoT devices such as ThingSpeak-LED, Wipro-Bulb, and MQTT-Temp, as well as simulated attack scenarios involving Brute-Force SSH attacks, DDoS attacks using Hping and Slowloris, and Nmap patterns, RT-IoT2022 offers a detailed perspective on the complex nature of network traffic. The bidirectional attributes of network traffic are meticulously captured using the Zeek network monitoring tool and the Flowmeter plugin. Researchers can leverage the RT-IoT2022 dataset to advance the capabilities of Intrusion Detection Systems (IDS), fostering the development of robust and adaptive security solutions for real-time IoT networks.

Introductory Paper Quantized autoencoder (QAE) intrusion detection system for anomaly detection in resource-constrained IoT devices using RT-IoT2022 dataset By B. S. Sharmila, Rohini Nagapadma. 2023 Published in Cybersecurity

Variable Table available here: https://archive.ics.uci.edu/dataset/942/rt-iot2022

Column Details: id.orig_p id.resp_p proto service flow_duration fwd_pkts_tot bwd_pkts_tot fwd_data_pkts_tot bwd_data_pkts_tot fwd_pkts_per_sec bwd_pkts_per_sec flow_pkts_per_sec down_up_ratio fwd_header_size_tot fwd_header_size_min fwd_header_size_max bwd_header_size_tot bwd_header_size_min bwd_header_size_max flow_FIN_flag_count flow_SYN_flag_count flow_RST_flag_count fwd_PSH_flag_count bwd_PSH_flag_count flow_ACK_flag_count fwd_URG_flag_count bwd_URG_flag_count flow_CWR_flag_count flow_ECE_flag_count fwd_pkts_payload.min fwd_pkts_payload.max fwd_pkts_payload.tot fwd_pkts_payload.avg fwd_pkts_payload.std bwd_pkts_payload.min bwd_pkts_payload.max bwd_pkts_payload.tot bwd_pkts_payload.avg bwd_pkts_payload.std flow_pkts_payload.min flow_pkts_payload.max flow_pkts_payload.tot flow_pkts_payload.avg flow_pkts_payload.std fwd_iat.min fwd_iat.max fwd_iat.tot fwd_iat.avg fwd_iat.std bwd_iat.min bwd_iat.max bwd_iat.tot bwd_iat.avg bwd_iat.std flow_iat.min flow_iat.max flow_iat.tot flow_iat.avg flow_iat.std payload_bytes_per_second fwd_subflow_pkts bwd_subflow_pkts fwd_subflow_bytes bwd_subflow_bytes fwd_bulk_bytes bwd_bulk_bytes fwd_bulk_packets bwd_bulk_packets fwd_bulk_rate bwd_bulk_rate active.min active.max active.tot active.avg active.std idle.min idle.max idle.tot idle.avg idle.std fwd_init_window_size bwd_init_window_size fwd_last_window_size Attack_type

Class Labels

The Dataset contains both Attack patterns and Normal Patterns. Attacks patterns Details: 1. DOS_SYN_Hping------------------------94659 2. ARP_poisioning--------------------------7750 3. NMAP_UDP_SCAN--------------------2590 4. NMAP_XMAS_TREE_SCAN--------2010 5. NMAP_OS_DETECTION-------------2000 6. NMAP_TCP_scan-----------------------1002 7. DDOS_Slowloris------------------------534 8. Metasploit_Brute_Force_SSH---------37 9. NMAP_FIN_SCAN---------------------28 Normal Patterns Details:

1. MQTT -----------------------------------8108
2. Thing_speak-----------------------------4146
3. Wipro_bulb_Dataset-------------------253

Introduction

Cybersecurity Statistics: Cybersecurity is now a crucial part of everyday life because as technology grows, the risk of cyber threats also increases. Both individuals and organizations must take steps to protect their digital assets and sensitive information from potential attacks. When talking about cybersecurity, it's common first to explain why it's important, what types of threats and weaknesses exist, and how risks can be managed.

This includes understanding the roles that both people and businesses play in protecting data, the need for regular updates and security patches, having strong ways to confirm identities, and teaching people about cybersecurity. In conclusion, it's important to remember that cybersecurity is a continuous process, and we must always stay alert and adjust to new risks. We shall shed more light on Cybersecurity Statistics through this article.

According to a survey conducted among IT security professionals worldwide, an increase in cyber attacks since the COVID-19 pandemic has been mostly seen in the area of data exfiltration and leakage. This includes unauthorized removal or transfer of data from a device, either by a perpetrator or malware. Phishing emails were also increasingly encountered by **** of the respondents.

As per Cognitive Market Research's latest published report, the Global Cyber Security market size was $154.80 Billion in 2022 and it is forecasted to reach $353.15 Billion by 2030. Cyber Security Industry's Compound Annual Growth Rate will be 10.8% from 2023 to 2030. Market Dynamics of Cyber Security Market:

Increased target based cyber-attacks:

Every year, cybercrime dramatically rises as attackers become more proficient and sophisticated. In target-based cyberattacks, hackers or attackers focus on a single organisation because they have a particular business interest. Putting the attack together could take months so they can figure out the best way to get their exploit into your systems (or users). Because it has been precisely designed to attack your systems, processes, or persons, at the office and often at home, a targeted attack is frequently more harmful than an untargeted one. In addition to having an impact on the organization's and business's finances, cybersecurity also makes businesses more vulnerable and uncertain.

Cyberattacks can potentially harm a company's reputation, especially if private customer information is taken. The established customer trust may suffer as a result of cyberattacks. This breach of trust may be challenging to repair and may have long-term effects on the company. The activities of a company are also disrupted by these attacks, making it difficult or impossible to access vital systems or data. This might cause delays in manufacturing, disrupt customer service, and result in lost income. Businesses may occasionally have to stop operating completely until the attack is stopped, which will have a greater financial impact.

Growing need for automated cybersecurity due to the increased use of IoT devices.

Restraining Factor:

Budget restrictions and a lack of specialists among SME's:

Cybersecurity is crucial prat of any organization as it protects against unwanted access, theft, and damage to critical data and computer systems. Cyber-attacks are growing more prevalent in today's digital environment, and they could have very negative effects. Due to the complexity of technology, many organisations, especially SME's, cannot afford cybersecurity despite its necessity. Cybersecurity can be complicated and calls for knowledge in fields like software development, network security, and cryptography. The cost of acquiring and maintaining this expertise might be high. In addition, considering the consistently evolving cyber threats, the updating of cybersecurity measures is necessary. This requires ongoing investment in technology, personnel, and training. Therefore, budget restrictions coupled with expensive tools and software’s and a lack of specialists in SME's might affect the growth of the cyber security market.

Current Trends on Cyber Security:

Rising e-commerce platforms and online shopping:

Rising disposable income coupled with high penetration of internet and smartphone expected to drive the e-commerce market and online shopping. Online shopping is incredibly convenient for consumers as they can shop from the comfort of their homes or on-the-go using their smartphones or tablets. This is especially true during the COVID-19 pandemic when physical stores are closed or people prefer to avoid crowded places. In addition, online retailers can offer lower prices compared to physical stores due to lower overhead costs. Moreover, E-commerce platforms are open 24/7, which allows customers to shop at any time that is convenient for them. With advances in technology, e-commerce platforms have improved their shipping and delivery options. Overall, rising e-commerce platforms and online shopping provides new opportunities to cyber security market.

Impact of COVID-19 pandemic on Cyber Security Market:

With the widespread shift to remote work and online services, there has been a surge in cyber-attacks, making cyber security more important in COVID-19 pandemic. Organizations are investing in cyber security solutions to safeguard their systems and data as a result of the rise in cyberattacks brought on by the epidemic. The need for cyber security goods and services has increased as a result. Budget restrictions, especially for SME's, have been brought on by the economic burden of the epidemic on many organisations. Cost-effective cyber security solutions are now receiving more attention as a result of this. The CO...

This report reviews the impact of the cyber attack in May 2021 on the Health Service Executive (HSE) and other health bodies. It examines the HSE's cyber attack preparedness, the financial impact of the attack and the status of implementation of PWC's post incident review recommendations.

Pay attention to the following cybersecurity statistics to learn how to protect yourself from attacks.

Cyber Security as a Service Market Outlook

The global Cyber Security as a Service market size was valued at approximately $14 billion in 2023 and is projected to reach $41 billion by 2032, growing at a compound annual growth rate (CAGR) of 12.5% during the forecast period. This remarkable growth is driven by the increasing prevalence of cyber threats and the growing need for robust security solutions across various sectors.

The growth of the Cyber Security as a Service market can be attributed to several key factors. Firstly, the rapid digitization and adoption of cloud services have exposed businesses to a myriad of cyber threats, necessitating advanced security measures. The rise in sophisticated cyber-attacks, such as ransomware, phishing, and malware, has compelled organizations to seek comprehensive security solutions to safeguard their data and ensure business continuity. Additionally, regulatory requirements and compliance mandates across industries are driving the demand for managed security services, further propelling market growth.

Secondly, the increasing adoption of Internet of Things (IoT) devices has expanded the attack surface, making enterprises more vulnerable to cyber-attacks. As IoT devices become integral to business operations, securing these devices has become paramount. Cyber Security as a Service offers scalable and flexible solutions to monitor and protect IoT ecosystems, thereby addressing the security challenges posed by these interconnected devices. Furthermore, the growing awareness about the financial and reputational damage caused by data breaches is prompting businesses to invest heavily in cybersecurity services.

Thirdly, the shortage of skilled cybersecurity professionals is a significant growth driver for the market. Many organizations lack the in-house expertise required to effectively combat evolving cyber threats. As a result, they are increasingly turning to third-party service providers to manage their cybersecurity needs. Cyber Security as a Service offers access to a pool of experts, advanced technologies, and continuous monitoring capabilities, enabling businesses to strengthen their security posture without the need for extensive internal resources.

The integration of Financial Services Cybersecurity Systems and Services is becoming increasingly vital in the face of evolving cyber threats. Financial institutions are prime targets for cybercriminals due to the sensitive nature of financial data and transactions. As a result, there is a growing emphasis on developing comprehensive cybersecurity frameworks that encompass both preventive and responsive measures. These systems and services are designed to protect financial data, ensure compliance with regulatory requirements, and maintain customer trust. By leveraging advanced technologies such as artificial intelligence and machine learning, financial institutions can enhance their threat detection and response capabilities, thereby safeguarding their operations from potential cyber threats.

From a regional perspective, North America is expected to dominate the Cyber Security as a Service market during the forecast period. The presence of major cybersecurity vendors, coupled with stringent regulatory frameworks and high adoption rates of advanced technologies, contribute to the region's leading position. However, the Asia Pacific region is anticipated to witness the highest growth rate, driven by increasing digital transformation initiatives, rising cybercrime incidents, and growing awareness about cybersecurity solutions.

Service Type Analysis

In the Cyber Security as a Service market, the service type segment is pivotal, covering services such as Threat Intelligence, Managed Security Services, Security Monitoring and Analytics, Incident Response, Compliance Management, and others. The diverse nature of cyber threats necessitates a variety of specialized services, each catering to different facets of cybersecurity.

Threat Intelligence services play a crucial role in the market. These services involve the collection, analysis, and dissemination of information about potential or ongoing cyber threats. By leveraging advanced analytics and machine learning, threat intelligence services provide actionable insights that help organizations anticipate and mitigate cyber risks before they materialize. The growing complexity of cyber threats and the need for proactive threat management

In 2024, the number of data compromises in the United States stood at 3,158 cases. Meanwhile, over 1.35 billion individuals were affected in the same year by data compromises, including data breaches, leakage, and exposure. While these are three different events, they have one thing in common. As a result of all three incidents, the sensitive data is accessed by an unauthorized threat actor. Industries most vulnerable to data breaches Some industry sectors usually see more significant cases of private data violations than others. This is determined by the type and volume of the personal information organizations of these sectors store. In 2024 the financial services, healthcare, and professional services were the three industry sectors that recorded most data breaches. Overall, the number of healthcare data breaches in some industry sectors in the United States has gradually increased within the past few years. However, some sectors saw decrease. Largest data exposures worldwide In 2020, an adult streaming website, CAM4, experienced a leakage of nearly 11 billion records. This, by far, is the most extensive reported data leakage. This case, though, is unique because cyber security researchers found the vulnerability before the cyber criminals. The second-largest data breach is the Yahoo data breach, dating back to 2013. The company first reported about one billion exposed records, then later, in 2017, came up with an updated number of leaked records, which was three billion. In March 2018, the third biggest data breach happened, involving India’s national identification database Aadhaar. As a result of this incident, over 1.1 billion records were exposed.