Generate summary with AI

As we approach the halfway mark of the decade, data security statistics tell us a story of lessons learned while hinting at those to come. One central theme is management’s understanding of the key role cybersecurity plays in business longevity. At the same time, some leaders are overconfident in their ability to overcome constantly growing threats.

We listed 65 cybersecurity statistics to help you benchmark your operations and strategize ways to grow as you look ahead to the 2030s.

General cyber security statistics

1) 99% of basic security hygiene still protects against 99% of attacks. Microsoft

2) 87% of those surveyed report having experienced one or more security breaches in 2023. Fortinet

3) 48% of smaller organizations don’t have cyber insurance versus 16% of larger organizations. Accenture & World Economic Forum

4) 74% say there’s a moderate to high risk of employees using their personal devices for work—but one in three doesn’t track who brings their own device. Ivanti

5) Most organizations anticipate phishing (81%), malware and ransomware (76%), and accidental data loss (63%) will be the top security risks over the next six months. Fortra

6) 94% of data professionals express some degree of confidence in their ability to detect and sufficiently respond to threats. Immuta

7) Budget limitations (54%), the constantly changing nature of threats (45%), and lack of security skills (45%) are the top three impediments to better cybersecurity. Fortra

8) 80% of respondents store at least half of their data in a cloud-based platform, and most plan to continue on this path. Immuta

9) 51% of business leaders and 32% of security leaders agree that cybersecurity is a key business enabler. Accenture & World Economic Forum

10) 56% of cyber leaders meet with business leaders monthly, or more frequently, to discuss cyber-focused topics. Accenture & World Economic Forum

11) 80% say their boards include someone with security expertise, and 86% report it’s a topic of discussion at the board level. Ivanti

12) 87% say the organization’s 2024 cybersecurity budget is sufficient to meet goals, and they’re investing it across areas—from cloud and data security to identity threat detection and generative AI.  Ivanti

13) 77% say their data security budgets have increased over the past year. Immuta

14) 73% of leadership-level executives and IT/security professionals report security budgets are on the rise.  Ivanti

AI and cybersecurity statistics

15) AI/ML tool usage skyrocketed by 594.82%, rising from 521 million AI/ML-driven transactions in April 2023 to 3.1 billion monthly by January 2024. Zscaler

16) 63% see cybersecurity as the area of greatest potential for generative AI. KPMG

17) 91% of security teams use generative AI, but 65% say they don’t fully understand the implications. Splunk

18) 69% of senior executives say their organization will use generative AI for cyber defense in the next 12 months. PwC

19) 20% cite integrating AI into business processes as a top priority in the next year, compared to 35% that say implementing stronger data governance and security controls is the most significant initiative. Immuta

20) 63% believe in AI’s potential to enhance security measures, especially in improving threat detection and response capabilities. Cloud Security Alliance (CSA)

21) 75% of respondents are moderately to extremely concerned that AI will be used for cyberattacks or other malicious activities. ISC2

22) Enterprises are blocking 18.5% of all AI/ML transactions—a 577% increase in blocked transactions over nine months. Zscaler

23) 56% of data professionals say their top concern with AI is the risk of sensitive data exposure via an AI prompt. Immuta

24) 53% of organizations have not audited third-party vendors for generative AI-related risks. Ivanti

25) 52% expect GenAI to lead to catastrophic cyber attacks in the next 12 months. PwC

Cyber threat statistics: Ransomware and malware

26) 48% experienced cyber extortion, making it a more common cyberattack in 2024 than ransomware. Splunk

27) 89% were targeted by ransomware at least once. CyberArk

28) 75% affected by ransomware paid the ransom but did not recover data. CyberArk

29) 5X increase in ransom bills in the last 12 months. Sophos

30) 70% of attacks result in data encryption. Sophos

31) 32% of attacks started with an unpatched vulnerability. Sophos

32) 80-90% of all successful ransomware compromises originate through unmanaged devices. Microsoft

33) Human-operated ransomware attacks are up more than 200 percent. Microsoft

34) 70% of organizations encountering human-operated ransomware had fewer than 500 employees. Microsoft

35) There was a 400% increase in IoT malware attacks across industries. Deloitte

36) Ransomware will attack a business, consumer, or device every 2 seconds by 2031. Cybersecurity Ventures & Conceal

More cybersecurity threat statistics: Zero trust and identity access management (IAM)

37) In the last 12 months, 93% of organizations suffered two or more identity-related breaches. CyberArk

38) 94% experienced an identity-related breach at least once. CyberArk

39) Microsoft blocked an average of 4,000 password attacks per second over the past year. Microsoft

40) In the month of June 2023 alone, Microsoft detected 158 million instances of password reuse across sites. Microsoft

41) 61% of all organizations now have a defined Zero Trust security initiative in place, and another 35% plan to implement one within the next 18 months. Okta

42) 23% of respondents already started implementing zero trust. Statista

43) 47% claimed they weren’t ready to implement zero trust—either because of a lack of resources and skills or operational complexities. Statista

44) 30% of cybersecurity professionals worldwide partner with multiple security providers to build a roadmap to implement zero trust. Statista

45) After a long, steady rise, mobile device management is the most common IAM integration in 2023 (it was #7 in 2021 and #4 in 2022). Okta

Statistics of cyber security in the workforce

46) 51% say that directors or executives have faced fines, jail time, loss of position, or loss of employment following a cyberattack. Fortinet

47) 76% say tightening compliance mandates that increase personal liability makes cybersecurity a less attractive field. Splunk

48) 59% of business leaders and 64% of cyber leaders ranked talent recruitment and retention as a key challenge for managing cyber resilience. Accenture & World Economic Forum

49) There’s been a 35% increase in demand for cybersecurity experts over the past year. Microsoft

50) 91% of respondents prefer to hire candidates with certifications. Fortinet

51) 89% of respondents would pay for an employee to obtain a cybersecurity certification. Fortinet

52) 88% of data professionals say employees at their organizations are using AI, but only 50% say their organization’s data security strategy is keeping up with the AI’s rate of evolution. Immuta

53) 12% of security professionals believe AI will completely replace their role. CSA

54) The majority believe AI will help enhance their skill set (30%), support their role generally (28%), or replace large parts of their role (24%), freeing them up for other tasks. CSA

55) 46% of data professionals say that six to 10 people manage security at their organization, and another 33% say that 20 or more people are involved. Immuta

Diversity & inclusion statistics in the cyber security industry

56) Active hires of cybersecurity women were 88% in 2021, 89% in 2022, and 85% in 2023. Fortinet

57)  On a global average, only 23% of cybersecurity teams are comprised of women. ISC2

58) Active cybersecurity hiring from minority groups is unchanged at 68 percent, and up slightly from 67% in 2021. Fortinet

59) Active hires of veterans are up slightly to 49% from 47% in 2022, but down from 53% in 2021. Fortinet

60) 29% of cybersecurity women felt they were discriminated against in the workplace (compared to 19% of men). ISC2

61) When averaged across all experience categories, cybersecurity women are excluded at a rate 2X higher than men. Women in Cybersecurity & Aleria

62) Those who identified with a disability in the cybersecurity field had higher sources of exclusion at a level comparable to the impact of gender. Women in Cybersecurity & Aleria

63) The level of exclusion continued to increase depending on the degree of intersectionality (the number of identity traits by which an individual differs from a member of the majority). Women in Cybersecurity & Aleria

64) The average global salary of cybersecurity women participants in ISC2’s 2023 study was $109,609. When compared to $115,003 for the men who participated, that makes a difference of $5,400.  ISC265) The average salary of men of color respondents from our industry was $143,610, while the average for cybersecurity women of color respondents was $135,630 – a difference of nearly $8,000. ISC2

Taking action on cybersecurity statistics

Reviewing statistics on cyber security industry-wide—or at least in key areas—helps benchmark your organization’s status in the industry. It can tell you what you’re doing well (and maybe have an advantage), where you might be falling behind, and most importantly, where there’s still room for growth when it comes to keeping your organization safe and thriving.

It’s critical to turn the insights you gain into proactive action. Doing so can make all the difference in the year ahead. Using advanced tools can speed up both your protection from threats and your business growth.

For example: Atera’s AI-powered IT management platform helps you remotely automate patches for Windows, Mac, and other operating systems on your end users’ devices.
Atera’s all-in-one platform gives you one-click onboarding for new devices, actionable data-based insights, and everything else you need to take cybersecurity and IT to the next level of efficiency and positive bottom-line impact. Try it for free here!

Was this helpful?

Related Articles

2025 best cybersecurity events to add to your calendar

Read now

IT Security vs. Cyber Security

Read now

25+ best cybersecurity quotes: what the experts are saying (& after getting hacked too)

Read now

Password manager vs. browser-based: Why your browser isn’t enough

Read now

Endless IT possibilities

Boost your productivity with Atera’s intuitive, centralized all-in-one platform