Editor’s Choice

• The Global Cyber Security Market size is expected to be worth around USD 533.9 Billion by 2032 from USD 193 Billion in 2023, growing at a CAGR of 11% during the forecast period from 2022 to 2032.
• Every 39 seconds there's an attack by hackers.
• Healthcare is still the most targeted victim of ransomware attacks.
• 92% of malware was distributed via email.
• 4.1 million websites are infected by malware at any moment.
• 49 days is the standard amount of time needed to spot a ransomware infection.
• A total of $29M was snatched from the fintech firm by hackers.
• 97% of security breaches are caused by WordPress plugins.
• A total of $3 billion in cryptocurrency was stolen during hacks that have been ongoing to this day.
• 66% of CIOs have said they intend to increase their investment in cybersecurity.
• The statistics on cybersecurity for remote work indicate that 74% of IT experts believe that it is an extreme risk to cybersecurity.

(Source: Tripwire)

These cybersecurity statistics will help you understand the state of online security and give you a better idea of what it takes to protect yourself.

Data Breaches Dataset

30,000 Records of cyber-security data breaches

About this dataset

This dataset is a compilation of data from various sources detailing data breaches. These sources include press reports, government news releases, and mainstream news articles. The list includes those involving the theft or compromise of 30,000 or more records, although many smaller breaches occur continually. In addition, the various methods used in the breaches are listed, with hacking being the most common.

Organizations of all types and sizes are susceptible to data breaches, which can have devastating consequences. This dataset can help shed light on which organizations are most at risk and how these breaches occur so that steps can be taken to prevent them in the future

How to use the dataset

There are many ways to use this dataset. Here are a few ideas:

• Use the data to understand which types of organizations are most commonly breached, and what methods are used most often.
• Analyze the data to see if there are any trends or patterns in when or how breaches occur.
• Use the data to create a visualizations or infographic showing the prevalence of data breaches

Research Ideas

• This dataset can be used to identify trends in data breaches in terms of methods used, types of organizations breached, and geographical distribution.

• This dataset can be used to study the effect of data breaches on organizational reputation and customer trust.

• This dataset can be used by organizations to benchmark their own security measures against those of similar organizations that have experienced data breaches

Acknowledgements

License

License: CC0 1.0 Universal (CC0 1.0) - Public Domain Dedication No Copyright - You can copy, modify, distribute and perform the work, even for commercial purposes, all without asking permission. See Other Information.

Columns

File: df_1.csv | Column name | Description | |:----------------------|:---------------------------------------------------------------------| | Entity | The name of the organization that was breached. (String) | | Year | The year when the breach occurred. (Integer) | | Records | The number of records that were compromised in the breach. (Integer) | | Organization type | The type of organization that was breached. (String) | | Method | The method that was used to breach the organization. (String) | | Sources | The sources from which the data was collected. (String) |

The Dataset "Cyber Security Indexes" includes four indicators which illustrate the current cyber security situation around the world. The data is provided on 193 countries and territories, grouped by five geographical regions - Africa, North America, South America, Europe and Asia-Pasific.

The Cybersecurity Exposure Index (CEI) defines the level of exposure to cybercrime by country from 0 to 1; the higher the score, the higher the exposure (provided by 10guard). The indicator was last updated in 2020.

The Global Cyber Security Index (GCI) is a trusted reference that measures the commitment of countries to cybersecurity at a global level – to raise awareness of the importance and different dimensions of the issue (provided by the International Telecommunication Union - ITU). The indicator was last updated in 2021.

The National Cyber Security Index (NCSI) measures a country's readiness to address cyber threats and manage cyber incidents. It is composed of categories, capacities, and indicators (provided by NCSI). The indicator was last updated in January 2023.

The Digital Development Level (DDL) defines the average percentage the country received from the maximum value of both indices (provided by NCSI). The indicator was last updated in January 2023.

The dataset can be used for practising data cleaning, data visualization (on maps and round/bar charts), finding correlations between the indexes and predicting the missing data.

The data was used in the analytical article research The Geography of Cybersecurity: Cyber Threats and Vulnerabilities

Percentage of Internet users who have experienced an Internet security and/or privacy incident during the past 12 months, by type of cyber security incident.

According to a survey of global IT security professionals in 2025, malware was the most concerning cyber threat targeting organizations, with a relative value of **** on a five-point scale. Account takeover/credential abuse attacks ranked second, while phishing attacks followed.

Between October 2024 and August 2025, organizations worldwide experienced 139,373 cyber incidents. Misuse accounted for 44.6 percent of these cases, while hacking incidents represented another 30.8 percent.

Did the COVID-19 pandemic really affect cybersecurity? Short answer – Yes. Cybercrime is up 600% due to COVID-19.

Overview This dataset is a comprehensive, easy-to-understand collection of cybersecurity incidents, threats, and vulnerabilities, designed to help both beginners and experts explore the world of digital security. It covers a wide range of modern cybersecurity challenges, from everyday web attacks to cutting-edge threats in artificial intelligence (AI), satellites, and quantum computing. Whether you're a student, a security professional, a researcher, or just curious about cybersecurity, this dataset offers a clear and structured way to learn about how cyber attacks happen, what they target, and how to defend against them.

With 14134 entries and 15 columns, this dataset provides detailed insights into 26 distinct cybersecurity domains, making it a valuable tool for understanding the evolving landscape of digital threats. It’s perfect for anyone looking to study cyber risks, develop strategies to protect systems, or build tools to detect and prevent attacks.

What’s in the Dataset? The dataset is organized into 16 columns that describe each cybersecurity incident or research scenario in detail:

ID: A unique number for each entry (e.g., 1, 2, 3). Title: A short, descriptive name of the attack or scenario (e.g., "Authentication Bypass via SQL Injection"). Category: The main cybersecurity area, like Mobile Security, Satellite Security, or AI Exploits. Attack Type: The specific kind of attack, such as SQL Injection, Cross-Site Scripting (XSS), or GPS Spoofing. Scenario Description: A plain-language explanation of how the attack works or what the scenario involves. Tools Used: Software or tools used to carry out or test the attack (e.g., Burp Suite, SQLMap, GNURadio). Attack Steps: A step-by-step breakdown of how the attack is performed, written clearly for all audiences. Target Type: The system or technology attacked, like web apps, satellites, or login forms. Vulnerability: The weakness that makes the attack possible (e.g., unfiltered user input or weak encryption). MITRE Technique: A code from the MITRE ATT&CK framework, linking the attack to a standard classification (e.g., T1190 for exploiting public-facing apps). Impact: What could happen if the attack succeeds, like data theft, system takeover, or financial loss. Detection Method: Ways to spot the attack, such as checking logs or monitoring unusual activity. Solution: Practical steps to prevent or fix the issue, like using secure coding or stronger encryption. Tags: Keywords to help search and categorize entries (e.g., SQLi, WebSecurity, SatelliteSpoofing). Source: Where the information comes from, like OWASP, MITRE ATT&CK, or Space-ISAC.

Cybersecurity Domains Covered The dataset organizes cybersecurity into 26 key areas:

AI / ML Security

AI Agents & LLM Exploits

AI Data Leakage & Privacy Risks

Automotive / Cyber-Physical Systems

Blockchain / Web3 Security

Blue Team (Defense & SOC)

Browser Security

Cloud Security

DevSecOps & CI/CD Security

Email & Messaging Protocol Exploits

Forensics & Incident Response

Insider Threats

IoT / Embedded Devices

Mobile Security

Network Security

Operating System Exploits

Physical / Hardware Attacks

Quantum Cryptography & Post-Quantum Threats

Red Team Operations

Satellite & Space Infrastructure Security

SCADA / ICS (Industrial Systems)

Supply Chain Attacks

Virtualization & Container Security

Web Application Security

Wireless Attacks

Zero-Day Research / Fuzzing

Why Is This Dataset Important? Cybersecurity is more critical than ever as our world relies on technology for everything from banking to space exploration. This dataset is a one-stop resource to understand:

What threats exist: From simple web attacks to complex satellite hacks. How attacks work: Clear explanations of how hackers exploit weaknesses. How to stay safe: Practical solutions to prevent or stop attacks. Future risks: Insight into emerging threats like AI manipulation or quantum attacks. It’s a bridge between technical details and real-world applications, making cybersecurity accessible to everyone.

Potential Uses This dataset can be used in many ways, whether you’re a beginner or an expert:

Learning and Education: Students can explore how cyber attacks work and how to defend against them. Threat Intelligence: Security teams can identify common attack patterns and prepare better defenses. Security Planning: Businesses and governments can use it to prioritize protection for critical systems like satellites or cloud infrastructure. Machine Learning: Data scientists can train models to detect threats or predict vulnerabilities. Incident Response Training: Practice responding to cyber incidents, from web hacks to satellite tampering.

Ethical Considerations Purpose: The dataset is for educational and research purposes only, to help improve cybersecurity knowledge and de...

In 2025, the number of data compromises in the United States stood at 3,322 cases. Meanwhile, over 278.83 million individuals were affected in the same year by data compromises, including data breaches, leakage, and exposure. While these are three different events, they have one thing in common. As a result of all three incidents, the sensitive data is accessed by an unauthorized threat actor. Industries most vulnerable to data breaches Some industry sectors usually see more significant cases of private data violations than others. This is determined by the type and volume of the personal information organizations of these sectors store. Financial services, healthcare, and professional services were the industry sectors that recorded the most data breaches. Overall, the number of healthcare data breaches in some industry sectors in the United States has gradually increased within the past few years. However, some sectors saw a decrease.

The average cyber attack takes 280 days to identify and contain and it costs an average of about $3.86 million to deal with properly.

Title: Network Traffic Analysis Dataset for Cybersecurity

Description: This dataset contains network traffic data that simulates various types of communication between network entities, specifically focusing on different protocols and potential security threats. The data includes information about packets exchanged between sender and receiver entities, their attributes, and associated attack types.

Columns:

Protocol: The communication protocol used for the packet (e.g., TCP or UDP). Flag: The flag associated with the packet (e.g., SYN, ACK, RST, FIN). Packet: The type of packet exchanged (e.g., HTTP, DNS, SSH, FTP, NTP). Sender ID: Unique identifier for the sender entity. Receiver ID: Unique identifier for the receiver entity. Source IP Address: IP address of the source entity. Destination IP Address: IP address of the destination entity. Source Port: Port number on the source entity. Destination Port: Port number on the destination entity. Packet Size: Size of the packet in bytes. Target Variable: The potential security threat associated with the packet (e.g., Phishing, DoS, Man-in-the-Middle, DDoS, SQL Injection, Cross-Site Scripting, Ransomware, Password Attacks, Zero-Day Exploits). Intended Use: This dataset is intended for use in cybersecurity research and analysis, particularly for the development and evaluation of intrusion detection systems, network anomaly detection algorithms, and predictive models for identifying potential security threats. It can also be utilized to explore patterns and relationships between different types of network traffic and associated attack vectors.

Considerations:

Data Privacy: Ensure that any sensitive or personal information in the dataset is anonymized or masked to protect user privacy. Data Preprocessing: Before using the dataset, perform preprocessing tasks such as handling missing values, standardizing column names, and encoding categorical variables. Feature Engineering: Depending on the analysis goals, additional features may be engineered from the available attributes to enhance model performance. Data Splitting: Divide the dataset into training, validation, and testing subsets for model development and evaluation. Documentation: Provide clear documentation detailing the dataset's origin, structure, and any preprocessing steps applied. By providing this dataset on Kaggle, researchers and data scientists interested in the field of cybersecurity can access a controlled simulation of network traffic to explore and develop solutions for detecting and mitigating potential security threats.

In 2023, network intrusion was the most common type of cybercrime attack experienced by companies in the United States, accounting for ** percent of incidents. Business e-mail compromise (BEC) ranked second, with ** percent of data security incidents in U.S. companies. A further ** percent of companies reported having encountered inadvertent disclosure.

India Cyber Security Incidents: Website Intrusion and Malware Propagation data was reported at 563.000 Unit in 2017. This records a decrease from the previous number of 1,483.000 Unit for 2016. India Cyber Security Incidents: Website Intrusion and Malware Propagation data is updated yearly, averaging 4,492.500 Unit from Dec 2008 (Median) to 2017, with 10 observations. The data reached an all-time high of 7,286.000 Unit in 2014 and a record low of 563.000 Unit in 2017. India Cyber Security Incidents: Website Intrusion and Malware Propagation data remains active status in CEIC and is reported by Indian Computer Emergency Response Team. The data is categorized under India Premium Database’s Transportation, Post and Telecom Sector – Table IN.TF010: Information Technology Statistics: Cyber Security Incidents.

Percentage of enterprises impacted by specific types of cyber security incidents by the North American Industry Classification System (NAICS) and size of enterprise.

Introduction

Automotive Cyber Security Statistics: The automotive industry's digital transformation has increased vehicle connectivity and brought cybersecurity challenges.

Automotive cybersecurity protects vehicles and passengers from cyber threats, including hacking, malware, and data breaches.

Moreover, governments and industry organizations have introduced regulations to ensure cybersecurity measures are in place.

Challenges include complex vehicle systems and the need for real-time monitoring, requiring collaboration and information sharing.

Additionally, emerging technologies like AI play a crucial role in threat detection. Further, as vehicles become more connected and autonomous, automotive cybersecurity remains critical for maintaining trust and security in the industry.

https://scoop.market.us/wp-content/uploads/2023/11/Automotive-Cyber-Security-Statistics.png" alt="Automotive Cyber Security Statistics" class="wp-image-39713">

Overview

The RT-IoT2022, a proprietary dataset derived from a real-time IoT infrastructure, is introduced as a comprehensive resource integrating a diverse range of IoT devices and sophisticated network attack methodologies. This dataset encompasses both normal and adversarial network behaviours, providing a general representation of real-world scenarios. Incorporating data from IoT devices such as ThingSpeak-LED, Wipro-Bulb, and MQTT-Temp, as well as simulated attack scenarios involving Brute-Force SSH attacks, DDoS attacks using Hping and Slowloris, and Nmap patterns, RT-IoT2022 offers a detailed perspective on the complex nature of network traffic. The bidirectional attributes of network traffic are meticulously captured using the Zeek network monitoring tool and the Flowmeter plugin. Researchers can leverage the RT-IoT2022 dataset to advance the capabilities of Intrusion Detection Systems (IDS), fostering the development of robust and adaptive security solutions for real-time IoT networks.

Introductory Paper Quantized autoencoder (QAE) intrusion detection system for anomaly detection in resource-constrained IoT devices using RT-IoT2022 dataset By B. S. Sharmila, Rohini Nagapadma. 2023 Published in Cybersecurity

Variable Table available here: https://archive.ics.uci.edu/dataset/942/rt-iot2022

Column Details: id.orig_p id.resp_p proto service flow_duration fwd_pkts_tot bwd_pkts_tot fwd_data_pkts_tot bwd_data_pkts_tot fwd_pkts_per_sec bwd_pkts_per_sec flow_pkts_per_sec down_up_ratio fwd_header_size_tot fwd_header_size_min fwd_header_size_max bwd_header_size_tot bwd_header_size_min bwd_header_size_max flow_FIN_flag_count flow_SYN_flag_count flow_RST_flag_count fwd_PSH_flag_count bwd_PSH_flag_count flow_ACK_flag_count fwd_URG_flag_count bwd_URG_flag_count flow_CWR_flag_count flow_ECE_flag_count fwd_pkts_payload.min fwd_pkts_payload.max fwd_pkts_payload.tot fwd_pkts_payload.avg fwd_pkts_payload.std bwd_pkts_payload.min bwd_pkts_payload.max bwd_pkts_payload.tot bwd_pkts_payload.avg bwd_pkts_payload.std flow_pkts_payload.min flow_pkts_payload.max flow_pkts_payload.tot flow_pkts_payload.avg flow_pkts_payload.std fwd_iat.min fwd_iat.max fwd_iat.tot fwd_iat.avg fwd_iat.std bwd_iat.min bwd_iat.max bwd_iat.tot bwd_iat.avg bwd_iat.std flow_iat.min flow_iat.max flow_iat.tot flow_iat.avg flow_iat.std payload_bytes_per_second fwd_subflow_pkts bwd_subflow_pkts fwd_subflow_bytes bwd_subflow_bytes fwd_bulk_bytes bwd_bulk_bytes fwd_bulk_packets bwd_bulk_packets fwd_bulk_rate bwd_bulk_rate active.min active.max active.tot active.avg active.std idle.min idle.max idle.tot idle.avg idle.std fwd_init_window_size bwd_init_window_size fwd_last_window_size Attack_type

Class Labels

The Dataset contains both Attack patterns and Normal Patterns. Attacks patterns Details: 1. DOS_SYN_Hping------------------------94659 2. ARP_poisioning--------------------------7750 3. NMAP_UDP_SCAN--------------------2590 4. NMAP_XMAS_TREE_SCAN--------2010 5. NMAP_OS_DETECTION-------------2000 6. NMAP_TCP_scan-----------------------1002 7. DDOS_Slowloris------------------------534 8. Metasploit_Brute_Force_SSH---------37 9. NMAP_FIN_SCAN---------------------28 Normal Patterns Details:

1. MQTT -----------------------------------8108
2. Thing_speak-----------------------------4146
3. Wipro_bulb_Dataset-------------------253

According to a 2024 survey of Chief Information Security Officers (CISO) worldwide, Ransomware attacks were a leading cybersecurity risk, with roughly ** percent naming it as one of the three major cybersecurity threats. A further share of ** percent of the respondents found malware to be a significant risk to their organizations' cybersecurity. Email fraud compromise and DDoS attacks followed closely, with ** percent.

Regional Analysis

North America

North America, which includes the United States and Canada, is a mature and technologically advanced endpoint security industry.

Because of the region's major presence of huge enterprises, financial institutions, and government bodies, there is a high emphasis on cybersecurity.

This region has a high rate of adoption of advanced endpoint security solutions and practices. The increasing frequency and sophistication of cyber-attacks, and tight regulatory requirements. Growing awareness of the necessity for robust endpoint protection is driving the market.

Europe

Europe is another big endpoint security market. Countries with a well-established cybersecurity landscape include the United Kingdom, Germany, France, and the Nordic countries.

The region features rigorous data protection requirements. Such as the General Data Protection Regulation (GDPR), which has pushed endpoint security solutions adoption.

Furthermore, the growing number of cyber threats and high-profile data breaches has fueled demand for enhanced endpoint security technology and services.

Asia-Pacific

Because of increased company digitization, expanding IT infrastructure, and an increase in cyber threats, the Asia-Pacific region is experiencing tremendous growth in endpoint security.

China, Japan, India, and South Korea are major contributors to the market. Because the region contains both developed and growing economies, the adoption of endpoint security solutions varies.

Government measures, such as data protection legislation and cybersecurity policies, also have an impact on industry growth.

Latin America

Endpoint security is a growing sector in Latin America. Countries such as Brazil, Mexico, and Argentina are seeing an increase in cyber-attacks and data breaches. Raising awareness about the importance of comprehensive endpoint protection.

The increasing adoption of mobile devices and cloud computing. As well as the growing importance of data privacy legislation, is driving market expansion.

Challenges such as limited cybersecurity expenditures and a lack of awareness of advanced endpoint security solutions, on the other hand, can stymie industry growth.

Middle East and Africa

Endpoint security is becoming increasingly important in the Middle East and Africa region. Countries such as the United Arab Emirates, Saudi Arabia, and South Africa are increasing their investments in cybersecurity infrastructure.

The region presents unique problems, including a diversified threat landscape, geopolitical tensions, and limited resources.

However, increased digitization, mobile device penetration, and government cybersecurity initiatives are projected to fuel the endpoint security market in this area.

https://scoop.market.us/wp-content/uploads/2023/05/js9Qt-endpoint-security-market-size-worldwide-2020-2024.png" alt="" class="wp-image-36252">