According to a survey of global IT security professionals in 2025, malware was the most concerning cyber threat targeting organizations, with a relative value of **** on a five-point scale. Account takeover/credential abuse attacks ranked second, while phishing attacks followed.

Introduction

Cyber Security Statistics: Cybersecurity has become a top priority for organizations worldwide, driven by the escalating volume and complexity of cyber threats. As businesses increasingly adopt digital technologies, the risk of cyberattacks, such as data breaches, ransomware, and phishing, has risen, creating significant challenges for data privacy and security.

The increasing frequency of high-profile cyber incidents has exposed vulnerabilities in various sectors, prompting governments and organizations to enhance their cybersecurity measures. In response, emerging technologies such as artificial intelligence and machine learning are being integrated to enhance threat detection and response capabilities.

The following statistics offer a comprehensive overview of the cybersecurity landscape, shedding light on the trends, risks, and developments that are shaping this critical field.

Pay attention to the following cybersecurity statistics to learn how to protect yourself from attacks.

According to a 2024 survey of Chief Information Security Officers (CISO) worldwide, Ransomware attacks were a leading cybersecurity risk, with roughly ** percent naming it as one of the three major cybersecurity threats. A further share of ** percent of the respondents found malware to be a significant risk to their organizations' cybersecurity. Email fraud compromise and DDoS attacks followed closely, with ** percent.

Percentage of enterprises impacted by specific types of cyber security incidents by the North American Industry Classification System (NAICS) and size of enterprise.

India Cyber Security Incidents: Total data was reported at 1,592,917.000 Unit in 2023. This records an increase from the previous number of 1,391,457.000 Unit for 2022. India Cyber Security Incidents: Total data is updated yearly, averaging 49,908.500 Unit from Dec 2004 (Median) to 2023, with 20 observations. The data reached an all-time high of 1,592,917.000 Unit in 2023 and a record low of 23.000 Unit in 2004. India Cyber Security Incidents: Total data remains active status in CEIC and is reported by Indian Computer Emergency Response Team. The data is categorized under India Premium Database’s Transportation, Post and Telecom Sector – Table IN.TF010: Information Technology Statistics: Cyber Security Incidents.

In 2024, the number of data compromises in the United States stood at 3,158 cases. Meanwhile, over 1.35 billion individuals were affected in the same year by data compromises, including data breaches, leakage, and exposure. While these are three different events, they have one thing in common. As a result of all three incidents, the sensitive data is accessed by an unauthorized threat actor. Industries most vulnerable to data breaches Some industry sectors usually see more significant cases of private data violations than others. This is determined by the type and volume of the personal information organizations of these sectors store. In 2024 the financial services, healthcare, and professional services were the three industry sectors that recorded most data breaches. Overall, the number of healthcare data breaches in some industry sectors in the United States has gradually increased within the past few years. However, some sectors saw decrease. Largest data exposures worldwide In 2020, an adult streaming website, CAM4, experienced a leakage of nearly 11 billion records. This, by far, is the most extensive reported data leakage. This case, though, is unique because cyber security researchers found the vulnerability before the cyber criminals. The second-largest data breach is the Yahoo data breach, dating back to 2013. The company first reported about one billion exposed records, then later, in 2017, came up with an updated number of leaked records, which was three billion. In March 2018, the third biggest data breach happened, involving India’s national identification database Aadhaar. As a result of this incident, over 1.1 billion records were exposed.

Introduction

Endpoint Security Statistics: In today’s digital landscape, endpoint security has become a vital component of organizational cybersecurity. As businesses adopt hybrid work arrangements and expand their digital networks, protecting a growing range of connected devices has become increasingly essential. Laptops, smartphones, tablets, and IoT devices have become frequent targets for advanced cyberattacks, including ransomware, phishing, and zero-day exploits.

The increasing complexity of these threats has compelled organizations to enhance their endpoint security measures by adopting advanced technologies, such as AI-driven threat detection, behavioural monitoring, and continuous real-time surveillance. These sophisticated solutions aim to reduce exposure to risks, safeguard critical data, and ensure seamless business operations in the face of constantly evolving cyber threats.

Introduction

Cybersecurity in Healthcare Statistics: As the healthcare sector increasingly integrates digital technologies, the need for robust cybersecurity measures has become more critical than ever. Adopting electronic health records (EHRs), telemedicine, and connected medical devices has significantly enhanced patient care and operational efficiency.

However, this digital shift has also exposed healthcare organizations to a rising tide of cyber threats, including data breaches, ransomware attacks, and hacks of medical devices. The sensitive nature of the data fuels these threats, such as personal health information (PHI) and payment records, making healthcare one of the most targeted cyberattack industries.

In response to these growing risks, healthcare providers must prioritize implementing stringent cybersecurity policies and embrace cutting-edge technologies like encryption, artificial intelligence, and multi-factor authentication. The sector is grappling with challenges such as outdated security systems, inadequate staff training, and the complexities of safeguarding networks of interconnected devices.

As cyberattacks become more frequent and sophisticated, understanding cybersecurity statistics within healthcare is essential for identifying vulnerabilities, assessing risks, and strengthening defenses to protect sensitive patient data and maintain trust within the industry.

Cyber attacks on businesses are becoming more frequent, targeted, and complex. The effects of a cyber attack go well beyond the direct financial consequences. In 2024, ** percent of respondents indicated greater difficulty in attracting new customers as the main consequence of cyber attacks.

Graph and download economic data for Employed full time: Wage and salary workers: Information security analysts occupations: 16 years and over: Men (LEU0257861100A) from 2011 to 2024 about analysts, information, occupation, full-time, males, salaries, workers, 16 years +, securities, wages, employment, and USA.

In 2024, manufacturing saw the highest share of cyberattacks among the leading industries worldwide. During the examined year, manufacturing companies encountered more than a quarter of the total cyberattacks. Organizations in the finance and insurance followed, with around 23 percent. Professional, business, and consumer services ranked third, with 18 percent of reported cyberattacks. Manufacturing industry and cyberattacks The industry of manufacturing has been in the center of cyberattacks in a long time. The share of cyberattacks targeting organizations in this sector in 2018 was at 10 percent, while in 2024, it amounted to 26 percent. The situation is even more compliacted when we look at the cyber vulnerabilities found in this sector. In 2024, critical vulnerabilities in manufacturing companies lasted 205 days on average. IT perspective and prevention With recent technology developments, cybersecurity is crucial to an organization’s success. Realizing this, companies have been gradually increasing cybersecurity investments. Thus, in 2024, the cybersecurity budget worldwide was forecast to increase to nearly 283 billion U.S. dollars. Roughly nine in ten board directors of companies worldwide in professional services and media and entertainment industries say they expect an increase in the cybersecurity budget.

The information security market has increased considerably over the past years. In 2024, the revenue of the security technology and services market worldwide is expected to peak at *** billion U.S. dollars. Information security refers to the practice of managing access to information, whether that is securing information from unauthorized access or verifying the identity of those who claim to have authority to access information. Security services as the main area of information security spending Most of the global spending on information security technology in recent years has concentrated on security services, which comprise among others consulting, hardware support, and implementation. Factors explaining this trend include an ongoing demand for technologies enabling a secure remote and hybrid work environment, triggered by the COVID-19 pandemic, as well as the steady rise in Internet of Things (IoT) spending over the last decade. Outsourcing security services As businesses continuously migrate their data to the cloud, security as a service (SECaaS), defined as a cloud-based model for outsourcing a company’s IT security, appears as an increasingly popular data security solution. By adopting this model, businesses can ease their own security team’s responsibilities and avoid the costs and maintenance of in-house alternatives. The SECaaS market is projected to reach more than ** billion U.S. dollars by 2033.

This selection includes data related to SPC member countries and territories for some of the indicators available in the original database published by the National Cyber Security Index (NCSI).

Find more Pacific data on PDH.stat.

Percentage of enterprises that identified specific main reasons for spending time or money on cyber security measures or related skills training by the North American Industry Classification System (NAICS) and size of enterprise.

It all started with a laptop on a kitchen table. One device, one user, and a Wi-Fi network not built for enterprise-grade security. Multiply that by millions, and you begin to grasp the scale of the remote work cybersecurity challenge. As the boundaries between home and work blur, so do...