According to a 2024 survey of Chief Information Security Officers (CISO) worldwide, Ransomware attacks were a leading cybersecurity risk, with roughly ** percent naming it as one of the three major cybersecurity threats. A further share of ** percent of the respondents found malware to be a significant risk to their organizations' cybersecurity. Email fraud compromise and DDoS attacks followed closely, with ** percent.

In 2024, manufacturing saw the highest share of cyberattacks among the leading industries worldwide. During the examined year, manufacturing companies encountered more than a quarter of the total cyberattacks. Organizations in the finance and insurance followed, with around 23 percent. Professional, business, and consumer services ranked third, with 18 percent of reported cyberattacks. Manufacturing industry and cyberattacks The industry of manufacturing has been in the center of cyberattacks in a long time. The share of cyberattacks targeting organizations in this sector in 2018 was at 10 percent, while in 2024, it amounted to 26 percent. The situation is even more compliacted when we look at the cyber vulnerabilities found in this sector. In 2024, critical vulnerabilities in manufacturing companies lasted 205 days on average. IT perspective and prevention With recent technology developments, cybersecurity is crucial to an organization’s success. Realizing this, companies have been gradually increasing cybersecurity investments. Thus, in 2024, the cybersecurity budget worldwide was forecast to increase to nearly 283 billion U.S. dollars. Roughly nine in ten board directors of companies worldwide in professional services and media and entertainment industries say they expect an increase in the cybersecurity budget.

As of the fourth quarter of 2023, impersonation was the leading cybersecurity threat worldwide, targeting organizations on social media platforms, accounting for 45 percent of reported incidents. Fraud was the second most prevalent threat, making up 28.23 percent of cases, while cyber threats, such as malicious activities like hacking and phishing, made up over 21 percent of the total threats in the examined period.

In 2024, the number of data compromises in the United States stood at 3,158 cases. Meanwhile, over 1.35 billion individuals were affected in the same year by data compromises, including data breaches, leakage, and exposure. While these are three different events, they have one thing in common. As a result of all three incidents, the sensitive data is accessed by an unauthorized threat actor. Industries most vulnerable to data breaches Some industry sectors usually see more significant cases of private data violations than others. This is determined by the type and volume of the personal information organizations of these sectors store. In 2024 the financial services, healthcare, and professional services were the three industry sectors that recorded most data breaches. Overall, the number of healthcare data breaches in some industry sectors in the United States has gradually increased within the past few years. However, some sectors saw decrease. Largest data exposures worldwide In 2020, an adult streaming website, CAM4, experienced a leakage of nearly 11 billion records. This, by far, is the most extensive reported data leakage. This case, though, is unique because cyber security researchers found the vulnerability before the cyber criminals. The second-largest data breach is the Yahoo data breach, dating back to 2013. The company first reported about one billion exposed records, then later, in 2017, came up with an updated number of leaked records, which was three billion. In March 2018, the third biggest data breach happened, involving India’s national identification database Aadhaar. As a result of this incident, over 1.1 billion records were exposed.

Between the first quarter of 2023 and the third quarter of 2024, the number of records exposed in data breaches in the United States decreased significantly. In the most recent measured period, over 93.7 million records were reported as leaked, down from around 116 million in the previous quarter.

In 2023, ransomware was the most frequently detected cyberattack worldwide, with around 70 percent of all detected cyberattacks. Network breaches ranked second, with almost 19 percent of the detections. Although less frequently, data exfiltration was also among the detected cyberattacks.

As of 2024, ** percent of businesses that encountered the most disruptive cybersecurity breaches or attacks in the last 12 months in the United Kingdom (UK) reported them to banks, building societies, or credit card companies. A further **** percent reported it to the internet or network service provider.

The global indicator 'Estimated Cost of Cybercrime' in the cybersecurity market was forecast to continuously increase between 2024 and 2029 by in total *** trillion U.S. dollars (+***** percent). After the eleventh consecutive increasing year, the indicator is estimated to reach ***** trillion U.S. dollars and therefore a new peak in 2029. Notably, the indicator 'Estimated Cost of Cybercrime' of the cybersecurity market was continuously increasing over the past years. Ransomware and manufacturing industry Cyberattacks remain a significant challenge for organizations worldwide, sectors such as manufacturing, finance, and insurance were the most affected by these attacks. Among the various types of cyber threats, ransomware was the most frequently detected, accounting for around ** percent of all incidents. The manufacturing industry, in particular, faced the highest number of ransomware attacks, making it the most targeted sector globally. Cybersecurity awareness and investments Organizations worldwide became increasingly aware of the dangers posed by cyberattacks, approximately ** percent of internet users became familiar terms such as with "ransomware." In response to these threats, companies invested more in cybersecurity. In 2024, the average annual increase in IT security budgets was expected to reach *** percent. In fact, for companies worldwide, enhancing the cyber resilience of their cybersecurity teams was the top spending priority in 2023.

In 2023, spending in the cybersecurity industry reached around ** billion U.S. dollars, with forecasts suggesting that the market will eclipse ** billion U.S. dollars by 2024. Global spending on cybersecurity has been increasing since 2021. Cybersecurity remains a priority Since the outbreak of the COVID-19 pandemic, organizations worldwide have sent their employees into the home office for work. This decentralization of an organization’s IT landscape created new vulnerabilities of malicious actors to exploit which is concurred by IT professionals’ observation that there is an increase in cyber attacks following the COVID-19 pandemic. As a result, cybersecurity remains a priority among business leaders to ensure operability of the company and data security. Cybersecurity solutions Among solutions for cybersecurity are endpoint security, identity access management, data security, and network security. These technologies are leveraged to protect sensitive information and critical systems from attacks. More specifically, these measures are designed to protect threats originating both from inside and outside an organization. This underscores the need to think of cybersecurity as a comprehensive strategy made up of practices and technologies.

According to a survey of global IT security professionals in November 2023, malware was the most concerning cyber threat targeting organizations, with a relative value of **** on a five-point scale. Account takeover/credential abuse attacks ranked second, while phishing attacks followed.

The largest reported data leakage as of January 2025 was the Cam4 data breach in March 2020, which exposed more than 10 billion data records. The second-largest data breach in history so far, the Yahoo data breach, occurred in 2013. The company initially reported about one billion exposed data records, but after an investigation, the company updated the number, revealing that three billion accounts were affected. The National Public Data Breach was announced in August 2024. The incident became public when personally identifiable information of individuals became available for sale on the dark web. Overall, the security professionals estimate the leakage of nearly three billion personal records. The next significant data leakage was the March 2018 security breach of India's national ID database, Aadhaar, with over 1.1 billion records exposed. This included biometric information such as identification numbers and fingerprint scans, which could be used to open bank accounts and receive financial aid, among other government services.

Cybercrime - the dark side of digitalization As the world continues its journey into the digital age, corporations and governments across the globe have been increasing their reliance on technology to collect, analyze and store personal data. This, in turn, has led to a rise in the number of cyber crimes, ranging from minor breaches to global-scale attacks impacting billions of users – such as in the case of Yahoo. Within the U.S. alone, 1802 cases of data compromise were reported in 2022. This was a marked increase from the 447 cases reported a decade prior. The high price of data protection As of 2022, the average cost of a single data breach across all industries worldwide stood at around 4.35 million U.S. dollars. This was found to be most costly in the healthcare sector, with each leak reported to have cost the affected party a hefty 10.1 million U.S. dollars. The financial segment followed closely behind. Here, each breach resulted in a loss of approximately 6 million U.S. dollars - 1.5 million more than the global average.

In the fiscal year 2023, the number of cybersecurity incident reports by federal agencies in the United States was over 32 thousand, around five percent increase from the previous year. This number includes reportings by both CFO and non-CFO Act agencies.

A survey ending February 2023 among professionals responsible for their company's cyber security strategy in the United States and Europe found that Germany saw the highest rate of cyber attacks among the examined countries. French companies ranked second by the share of reported cyber attacks, ** percent. Companies from the United Kingdom (UK) and Belgium reported the lowest share of cyber attacks among the listed countries, with ** percent and ** percent.

As of February 2024, malware was the most prevalent type of cyberattack faced by companies and businesses worldwide, with around ***** in **** organizations reporting incidents of malware-based attacks. Phishing was the second-most common, affecting ** percent of companies worldwide. Credential stuffing was also significant, reported by ** percent of businesses.

In 2023, there were ***** reported cyber incidents in the financial industry worldwide, up from ***** in the preceding year. Coherently, the number of data breaches increased within the last two examined years, going from *** in 2021 to ***** in 2023. Overall, 2023 saw the most significant number of cyber incidents since 2013.

In 2023, the healthcare industry in the United States remained the most targeted by cyber attacks, resulting in data compromises. Compared to 2022, the number of data compromise incidents in the U.S. healthcare industry increased more than twice. The financial services sector ranked second, with 744 data compromise incidents, representing a significant increase, too.

In 2024, the monetary damage caused by cybercrime reported to the United States' Internet Crime Complaint Center (IC3) saw a significant year-over-year increase, amounting to a historical peak of **** billion U.S. dollars. Overview of cybercrime in the U.S. Cybercrime continues to be one of the biggest challenges for governments around the world. In the United States, ****************** and ********* were among the most reported categories of cybercrime in 2024, with over ******* individuals falling victim to phishing attacks. Additionally, data breaches cost the U.S. organizations over ************ U.S. dollars on average as of February 2024. Fraud involving elderly Along with other reported internet crimes, online fraud is continuously growing. Targeting one of the most vulnerable groups, the elderly, cybercriminals show notorious skills in ************************************************************. Furthermore, individuals aged 60 and older, reported falling victims of extortion and personal data breach in 2024.

In 2023, the utilities industry in the United States saw the most significant number of victims of data compromise cases, with around 73 million individuals impacted. Technology ranked second, with 65 million victims. Overall, 353 million people in the United States were affected by data compromise incidents.

As of September 2024, almost 30 percent of cyber incidents detected in the past 12 months were hacking incidents. A further 28.7 percent were incidents of misuse, and 15.2 percent of detections revealed malware attacks.

Between November 2022 and October 2023, over 30 thousand cybercrime incidents were detected worldwide. Of this total, over 900 cases involved small companies. The organizations in the public administration sector were the most affected among the industries researched, with reported 12,217 cybercrime cases. The finance sector ranked second, while the professional sector followed, with over 2,500 incidents in each industry.