As more businesses shift to digital operations and remote work becomes the norm, our reliance on technology continues to grow—but so does our exposure to cyber threats.
Recent reports show that the global cost of cybercrime could soar to $13 trillion by 2028, nearly doubling from 2023, as attackers grow more sophisticated and relentless.
With more connected devices, cloud-based systems, and sensitive data in circulation, it’s becoming harder to keep up with evolving threats.
That’s why now, more than ever, both companies and individuals need to understand where the real dangers lie and how quickly things are changing.
So in this article, we’re breaking down the most important cybersecurity stats you need to know right now.
Top Cybersecurity Stats
Cybersecurity has now become one of the biggest concerns for businesses, governments, and even everyday internet users.
Whether it’s the number of attacks happening each day or the sheer size of the cybersecurity market, the numbers give us a clear picture of just how serious this issue has become.
Here are the cybersecurity stats that reveal just how big and urgent the situation is.
1. Cyberattacks are getting more common every year. In late 2024, businesses were hit by an average of 1,876 cyberattacks per week, which is a huge 75% jump compared to the year before.
2. The cost of cybercrime is climbing fast. Experts believe that by 2029, global losses from cybercrime will reach around $15.6 trillion, showing just how serious the problem is becoming.
Cost of cybercrime worldwide 2018-2029
3. Ransomware is mostly controlled by Russian-speaking hackers. About 75% of all ransomware money ends up going to groups linked to Russian-language cybercriminal networks.
4. The top three reported cybercrimes in the U.S. in 2024 were phishing or spoofing scams, extortion attempts, and personal data breaches, according to reports filed with the FBI’s Internet Crime Complaint Center (IC3).
5. Cybercrime is draining money fast. It’s expected to cost the world over $23 trillion a year by 2027, up from $8.4 trillion in 2022, according to a U.S. national security official.
6. Phishing and spoofing scams were the most common. In 2024, there were 193,407 complaints about these scams, making up 23% of all reports received by IC3.
Crime complaints received in 2024 by crime types
7. Investment scams involving cryptocurrency caused the biggest financial losses. In 2024, victims reported losing over $6.5 billion to these kinds of fraud.
8. Cyberattacks happen faster than you think. One occurs every 39 seconds somewhere in the world, and ransomware attacks happen about every 14 seconds.
9. During the COVID-19 pandemic, cybercrime exploded. It went up by 600%, proving how quickly cyber criminals take advantage of global changes.
10. Healthcare systems are under pressure. From 2020 to 2025, the industry is expected to spend $125 billion on cybersecurity, showing how urgently better protection is needed.
11. According to data from Keywords Everywhere, thousands of people are searching for help. Each month, about 165,000 people Google “cyber crime helpline number,” which shows just how many victims are out there looking for support.
Biggest Cyber Threats and Attack Trends
The kinds of cyber threats we’re dealing with today are far more advanced and targeted, and attackers are constantly coming up with new ways to trick users, break into systems, or take control of sensitive data.
From ransomware that locks down entire networks to phishing scams that fool even tech-savvy employees, the threats are real and growing fast.
Below are the cybersecurity stats that show which threats are most common and how they’re evolving.
12. Ransomware is still one of the biggest threats out there. It made up 35% of all cyberattacks, and those attacks grew by 84% in just one year.
Ransomware attack is on the rise
13. The rise of ransomware isn’t the same everywhere. In North America, ransomware cases went up by 15%, while in Europe, the Middle East, and Africa (EMEA), they actually dropped by 49%.
14. Phishing attacks have exploded since the rise of AI tools. Since ChatGPT went public in late 2022, phishing attempts have jumped by over 4,000%, thanks to how generative AI is being used to write more convincing scam messages, according to SlashNext’s 2024 report.
15. Phishing scams are costing big money—fast. Every single minute, $17,700 is lost to phishing, which adds up to over $1 million an hour and more than $25 million every single day.
16. Emails are still the weak spot in many cyber defenses. Around 40% of all email-based threats are phishing attacks, and many targeted cyberattacks start this way because people are quick to open and trust messages in their inboxes.
IT is the most targeted group of phishing attacks
17. Business email compromise is especially dangerous. It made up 6% of all reported cyber incidents, and in half of those cases, attackers used spear phishing links—a more targeted form of email fraud.
18. Cloud missteps are leading to major security problems. About 23% of cloud-related incidents were caused by misconfigured settings, and 27% of businesses said they had a security breach in their public cloud systems.
19. Phishing is also hitting cloud platforms hard. Over half of the companies that reported cloud security issues said phishing was the main method used to steal credentials.
20. DDoS attacks are increasing fast. In 2023, they went up by 31%, with cybercriminals launching around 44,000 DDoS attacks every single day.
21. One of the biggest DDoS attacks ever was seen in 2024. Cloudflare reported an attack that reached a record-breaking 3.8 terabits per second (Tbps) at its peak.
Cloudflare mitigated new record-breaking DDoS attack of 3.8 Tbps
22. Mobile malware is also climbing. In just the third quarter of 2024, Kaspersky blocked 6.7 million mobile attacks, which shows how smartphones are now a big target for hackers looking to steal personal data.
Data Breaches and Vulnerabilities Stats
Every time a vulnerability goes unnoticed, or a security measure fails, there’s a chance for a data breach that can expose personal information, company secrets, or even national security details.
Many of these breaches happen because of overlooked software flaws or simple human errors, and the numbers surrounding these incidents continue to rise each year.
The following cybersecurity stats highlight how often breaches happen and what causes them.
23. By the middle of 2024, experts had recorded 22,254 CVEs (Common Vulnerabilities and Exposures), which is a 30% increase from 2023 and 56% higher than in 2022.
24. By late 2024, an average of 115 new CVEs were discovered daily, highlighting just how complex and fast-moving modern cyber threats have become—and this number is only expected to keep growing into 2025.
25. Attacks that exploit software vulnerabilities are on the rise. In the third quarter of 2024 alone, vulnerability-based attacks went up by 124% compared to the same time in 2023, largely because tools like ChatGPT have made it easier for attackers to find and use flaws.
Attacks on vulnerabilities have increased by 124% in 2024
26. Over 99% of tech professionals agree that their production apps contain at least four vulnerabilities.
27. A new vulnerability is reported every 17 minutes, and shockingly, half of all known vulnerabilities were published in just the last five years.
28. In the past year, 70% of UK companies have faced fines of over £100,000 for data breaches, putting more pressure on organizations to invest in better cybersecurity.
29. In 2024, 36% of businesses said they experienced a data breach that cost them more than $1 million, a big jump from 27% in 2023.
30. In 2025, the global average cost hit $4.88 million, which is a 10% rise from 2023. In the United States, that average was even higher—$9.36 million per breach.
Global average total cost of a data breach
31. Breaches involving stolen or compromised login credentials took the longest to find and fix—about 292 days on average, making them one of the most damaging types of attacks.
32. According to Verizon, 80% of all breaches were carried out by external attackers, showing that threats are more likely to come from the outside than from employees or insiders.
Cost of Cybercrime and Financial Impact
Cybercrime doesn’t just cause disruption—it costs real money, and in some cases, it can cripple entire organizations or drain millions from bank accounts with just a few clicks.
From the cost of downtime and ransom payments to the long-term damage to reputation, the financial impact of cybercrime is now being felt across all industries.
Below are the cybersecurity stats that show how expensive these threats have become.
33. The global cost of cybercrime is rising fast—Cybersecurity Ventures estimates it will reach $10.5 trillion by 2025, while another forecast puts the number at $23 trillion by 2027.
Cybercrime costs could reach 10.5 trillion USD by 2025
34. In 2024, the average total cost of a data breach was reported to be $4.88 million, with healthcare breaches being the most expensive at $9.77 million, followed by financial services at $6.08 million.
35. The U.S. government set a cybersecurity budget of $12.72 billion for fiscal year 2024, not including the Department of Defense, showing a strong push to strengthen public-sector digital defenses.
36. A report sponsored by Apple found that 2.6 billion personal records were stolen in breaches during 2021 and 2022, exposing just how common and large-scale these attacks have become.
37. Global cybersecurity spending is expected to reach $538.3 billion by 2030 as businesses and governments invest more to stay ahead of growing cyber threats.
Global spending on cybersecurity will cross the 500 billion mark by 2030
38. Companies that use AI and automation tools to defend against data breaches save an average of $2.22 million each year compared to those that don’t rely on these technologies.
39. 75% of large organizations with annual revenue over $5.5 billion have cyber insurance, while only 25% of smaller companies earning less than $250 million carry similar coverage.
Cybersecurity by Industry and Business Size
While no industry is completely safe from cyberattacks, some are targeted more than others, and small businesses often suffer the most because they lack the resources to build strong defenses or respond quickly when attacks happen.
Healthcare, finance, and manufacturing are only a few sectors where cybersecurity threats are especially common due to the kind of sensitive data they hold.
Here are the cybersecurity stats that reveal how different industries and business sizes are being affected.
40. 79% of the 100 largest hospitals and health systems in the U.S. received a cybersecurity grade of D or worse, according to data from the Cybernews Business Digital Index.
41. 30% of these top hospitals have critical security flaws, and 65% have already experienced data breaches.
Most common security issues in hospitals
42. Manufacturing companies are major ransomware targets, making up nearly 25% of all ransomware attacks reported across industries.
43. 68% of organizations said they had a cyberattack on their supply chain in the past two years, and 82% of them reported that it disrupted patient care, up from 77% in 2023.
44. In the manufacturing sector, web apps, stolen credentials, and cyber espionage were behind 71% of the reported breaches.
45. 68% of cyberattacks targeting manufacturers are motivated by money, not politics or sabotage.
Motivations of a cyber criminal
46. In the finance and insurance sector, about 74% of all cyberattacks involved personal customer information.
47. The average cost of a data breach in the financial sector is around $5.9 million, which is higher than many other industries.
48. The financial industry is the top target for web application attacks, as cybercriminals often go after online banking platforms and customer portals to steal credentials or access funds.
49. Small businesses with 1 to 205 employees are the most frequent targets for cybercriminals, likely because of weaker defenses and fewer resources to stop attacks.
50. For businesses with less than 500 employees, the number of reported breaches rose by 8% year over year, and the average financial loss more than doubled, reaching $500,000 per incident.
Small business suffer the most data breaches
51. Despite growing risks, 80% of small businesses are taking action to protect themselves, including staff training (88%), buying new security tools (65%), and boosting their security budgets (67%).
52. 27% of small businesses admit they’re just one major cyber threat or disaster away from shutting down completely.
53. At the 2024 Annual Meeting on Cybersecurity, 71% of cyber leaders said small businesses have reached a tipping point where they simply can’t keep up with the complexity of today’s threats on their own.
54. 90% of small and mid-sized businesses that suffered a serious attack said the cost was higher than they expected.
Cybersecurity Workforce and Skills Gap
With the growing number of cyberattacks, there aren’t enough qualified professionals to meet the demand, and this shortage is leaving many companies exposed and underprepared for the threats they face every day.
From unfilled job openings to gaps in training and education, the cybersecurity talent shortage has become a problem that affects everyone from startups to global corporations.
The following cybersecurity stats show how serious the workforce and skills gap has become.
55. According to the ISC2 Global Workforce Study, there are now 5.5 million cybersecurity professionals worldwide.
Cybersecurity workforce estimate
56. In the United States, information security analysts start at a median salary of $112,000 per year.
57. The U.S. Bureau of Labor Statistics predicts 32% job growth in cybersecurity between 2022 and 2032, which is much faster than the average growth rate for other careers.
58. By 2025, almost half of cybersecurity leaders are expected to change jobs, and 25% will leave the field entirely, mainly due to stress, burnout, or job dissatisfaction.
59. 57% of organizations say they are understaffed in cybersecurity, which increases pressure on current employees and limits how quickly teams can respond to threats.
60. Among organizations that struggle to keep cybersecurity talent (55%), the top reasons for staff leaving include being recruited by other companies (50%), low pay or bonuses (50%), lack of career growth (46%), and high stress (46%).
61. The most commonly reported skills gaps are in “soft skills” (51%), such as communication and teamwork, and cloud computing (42%).
Biggest skill gaps in cybersecurity jobs
62. The cybersecurity workforce is getting older. For the first time in ten years of this survey, the largest group of professionals is aged 45 to 54 (34%), surpassing the 35 to 44 age group (30%).
63. Hiring for cyber roles takes time—37% of companies need 3 to 6 months to fill entry-level positions, and 38% take just as long to fill more experienced roles.
64. According to the 2024 ISC2 Workforce Study, Asia-Pacific, the Middle East and Africa, and North America are currently experiencing the highest demand for cybersecurity talent.
Conclusion
Cybersecurity is no longer just a technical concern—it’s a critical business issue that affects every industry, organization size, and corner of the world.
As cyber threats continue to grow in frequency, speed, and sophistication, the financial and operational risks they bring are too big to ignore.
That’s why staying alert, investing in smarter defenses, and addressing talent shortages have become top priorities for companies everywhere.