31 Scary Cybersecurity Stats

Share This Article

Every October is Cybersecurity Awareness Month, and this year’s theme is “Do Your Part. Be Cyber Smart.”

To help everyone do their part, here are 31 scary cybersecurity statistics, one for each day of the month.

  1. A business falls victim to a ransomware attack every 11 seconds.
    Cybersecurity Ventures, 2020

  2. 37% of organizations were affected by ransomware attacks in the last year.
    Sophos, 2021

  3. Average ransomware payments have grown 82% in the last year; from $312,000 in 2020 to $570,000 in 2021.
    Palo Alto Networks, 2021

  4. Cost of a ransomware attack: 54% is the actual ransom, 46% is other costs, such as lost business, cost to remediate, etc.
    Cloudian, 2021

  5. Average ransomware remediation costs have doubled in the past year, from $761,000 to $1,850,000.
    Sophos, 2021

  6. 77% of organizations go offline when hit with ransomware; 11% are down for more than 2 weeks.
    Keeper Security, 2021

  7. The average downtime a company experiences after a ransomware attack is 21 days.
    Coveware, 2021

  8. 79% of surveyed cyber IT professionals said no, they would not pay a ransom.
    Menlo Security, 2021


  9. 32% of firms pay the ransom when breached, up from 26% in 2020.
    Sophos, 2021

  10. Ransom payers that recovered their data: 71.6% in 2021, up from 66.8% in 2020.
    Cyber Edge Group, 2021

  11. 80% of ransomware victims who paid the ransom experienced another attack soon after. 46% got access to their data but most of it was corrupted.
    Cybereason, 2021

  12. 60% of ransomware victims experienced revenue loss and 53% stated their brands were damaged as a result.
    Cybereason, 2021

  13. 78% of cyber professionals are most worried about business reputation after a cyber-attack.
    ISACA, 2021

  14. 38% of companies reported that they lost customers after a breach.
    Egress, 2021

  15. 47% of employees cited distraction as the reason for falling for a phishing scam while working from home.
    Tessian, 2020

  16. Cyber Insurance increased 56% in Q2, 2021.
    Marsh, 2021

  17. Cyber insurance covered 59% of the ransomware payment and other costs, possibly reflecting deductibles and coverage caps.
    Cloudian, 2021

  18. RockYou2021, a dark web posting of 8.5 billion stolen passwords in a 100GB text file, exceeds the global population and can be used to hack computer services if people re-use these exposed passwords.
    Enisa, 2021

  19. 31% of U.S. workers lend their work-issued laptops to friends, family, or peers.
    HP Wolf Security, 2021

  20. 44% of organizations had a breach via a 3rd party supplier in the past 12 months.
    Ponemon Institute, 2021

  21. 207 days is the average time to identify a breach, which means hackers are in your system for over 6-months.
    IBM, 2020

  22. 93% consider an organization’s trustworthiness prior to purchasing. 59% would avoid doing business with a company cyber-attacked in the past 12 months.
    Arcserve, 2020

  23. 35% of companies reported that their employees either circumvented or disabled remote security measures.
    Palo Alto Networks, 2021

  24. Only 21% of security professionals think their current security controls are adequate.
    Forrester, 2020

  25. In 2021, the largest ransomware payout ever was made by an insurance company – $40 million.
    Business Insider, 2021

  26. About 1 in 6,000 emails contain suspicious URLs, including ransomware.
    Fortinet, 2020

  27. Since 2020, 1,681 higher education organizations have been affected by 84 ransomware attacks.
    Emsisoft, 2021

  28. Over 204,000 people experienced a login attempt to access their banking information.
    Hub Security, 2021

  29. In 2021, the average ransomware payout by a mid-sized organization was $170,404.
    Sophos, 2021

  30. 43% of all cyber-attacks target small businesses.
    Cybint, 2020

  31. The top 4 brand phishing attempts include Microsoft (43% of all brand phishing globally), DHL (18%), LinkedIn (6%), and Amazon (5%).
    Check Point Research, 2020

Cybersecurity Awareness Month exists to remind us all that we each must do our part to keep the online world safe and secure. Fortress SRM provides organizations full-spectrum cybersecurity services including Security Consulting, Incident Prevention, Managed Security, and Incident Response to minimize your risk of business disruption.

For more information Contact Fortress SRM.