Table of contents
Table of contents
- General cyber security statistics
- AI and cybersecurity statistics
- Cyber threat statistics: Ransomware and malware
- More cybersecurity threat statistics: Zero trust and identity access management (IAM)
- Statistics of cyber security in the workforce
- Diversity & inclusion statistics in the cyber security industry
- Taking action on cybersecurity statistics
Generate summary with AI
As we approach the halfway mark of the decade, data security statistics tell us a story of lessons learned while hinting at those to come. One central theme is management’s understanding of the key role cybersecurity plays in business longevity. At the same time, some leaders are overconfident in their ability to overcome constantly growing threats.
We listed 65 cybersecurity statistics to help you benchmark your operations and strategize ways to grow as you look ahead to the 2030s.
General cyber security statistics
1) 99% of basic security hygiene still protects against 99% of attacks. Microsoft
2) 87% of those surveyed report having experienced one or more security breaches in 2023. Fortinet
3) 48% of smaller organizations don’t have cyber insurance versus 16% of larger organizations. Accenture & World Economic Forum
4) 74% say there’s a moderate to high risk of employees using their personal devices for work—but one in three doesn’t track who brings their own device. Ivanti
5) Most organizations anticipate phishing (81%), malware and ransomware (76%), and accidental data loss (63%) will be the top security risks over the next six months. Fortra
6) 94% of data professionals express some degree of confidence in their ability to detect and sufficiently respond to threats. Immuta
7) Budget limitations (54%), the constantly changing nature of threats (45%), and lack of security skills (45%) are the top three impediments to better cybersecurity. Fortra
8) 80% of respondents store at least half of their data in a cloud-based platform, and most plan to continue on this path. Immuta
9) 51% of business leaders and 32% of security leaders agree that cybersecurity is a key business enabler. Accenture & World Economic Forum
10) 56% of cyber leaders meet with business leaders monthly, or more frequently, to discuss cyber-focused topics. Accenture & World Economic Forum
11) 80% say their boards include someone with security expertise, and 86% report it’s a topic of discussion at the board level. Ivanti
12) 87% say the organization’s 2024 cybersecurity budget is sufficient to meet goals, and they’re investing it across areas—from cloud and data security to identity threat detection and generative AI. Ivanti
13) 77% say their data security budgets have increased over the past year. Immuta
14) 73% of leadership-level executives and IT/security professionals report security budgets are on the rise. Ivanti
AI and cybersecurity statistics
15) AI/ML tool usage skyrocketed by 594.82%, rising from 521 million AI/ML-driven transactions in April 2023 to 3.1 billion monthly by January 2024. Zscaler
16) 63% see cybersecurity as the area of greatest potential for generative AI. KPMG
17) 91% of security teams use generative AI, but 65% say they don’t fully understand the implications. Splunk
18) 69% of senior executives say their organization will use generative AI for cyber defense in the next 12 months. PwC
19) 20% cite integrating AI into business processes as a top priority in the next year, compared to 35% that say implementing stronger data governance and security controls is the most significant initiative. Immuta
20) 63% believe in AI’s potential to enhance security measures, especially in improving threat detection and response capabilities. Cloud Security Alliance (CSA)
21) 75% of respondents are moderately to extremely concerned that AI will be used for cyberattacks or other malicious activities. ISC2
22) Enterprises are blocking 18.5% of all AI/ML transactions—a 577% increase in blocked transactions over nine months. Zscaler
23) 56% of data professionals say their top concern with AI is the risk of sensitive data exposure via an AI prompt. Immuta
24) 53% of organizations have not audited third-party vendors for generative AI-related risks. Ivanti
25) 52% expect GenAI to lead to catastrophic cyber attacks in the next 12 months. PwC
Cyber threat statistics: Ransomware and malware
26) 48% experienced cyber extortion, making it a more common cyberattack in 2024 than ransomware. Splunk
27) 89% were targeted by ransomware at least once. CyberArk
28) 75% affected by ransomware paid the ransom but did not recover data. CyberArk
29) 5X increase in ransom bills in the last 12 months. Sophos
30) 70% of attacks result in data encryption. Sophos
31) 32% of attacks started with an unpatched vulnerability. Sophos
32) 80-90% of all successful ransomware compromises originate through unmanaged devices. Microsoft
33) Human-operated ransomware attacks are up more than 200 percent. Microsoft
34) 70% of organizations encountering human-operated ransomware had fewer than 500 employees. Microsoft
35) There was a 400% increase in IoT malware attacks across industries. Deloitte
36) Ransomware will attack a business, consumer, or device every 2 seconds by 2031. Cybersecurity Ventures & Conceal
More cybersecurity threat statistics: Zero trust and identity access management (IAM)
37) In the last 12 months, 93% of organizations suffered two or more identity-related breaches. CyberArk
38) 94% experienced an identity-related breach at least once. CyberArk
39) Microsoft blocked an average of 4,000 password attacks per second over the past year. Microsoft
40) In the month of June 2023 alone, Microsoft detected 158 million instances of password reuse across sites. Microsoft
41) 61% of all organizations now have a defined Zero Trust security initiative in place, and another 35% plan to implement one within the next 18 months. Okta
42) 23% of respondents already started implementing zero trust. Statista
43) 47% claimed they weren’t ready to implement zero trust—either because of a lack of resources and skills or operational complexities. Statista
44) 30% of cybersecurity professionals worldwide partner with multiple security providers to build a roadmap to implement zero trust. Statista
45) After a long, steady rise, mobile device management is the most common IAM integration in 2023 (it was #7 in 2021 and #4 in 2022). Okta
Statistics of cyber security in the workforce
46) 51% say that directors or executives have faced fines, jail time, loss of position, or loss of employment following a cyberattack. Fortinet
47) 76% say tightening compliance mandates that increase personal liability makes cybersecurity a less attractive field. Splunk
48) 59% of business leaders and 64% of cyber leaders ranked talent recruitment and retention as a key challenge for managing cyber resilience. Accenture & World Economic Forum
49) There’s been a 35% increase in demand for cybersecurity experts over the past year. Microsoft
50) 91% of respondents prefer to hire candidates with certifications. Fortinet
51) 89% of respondents would pay for an employee to obtain a cybersecurity certification. Fortinet
52) 88% of data professionals say employees at their organizations are using AI, but only 50% say their organization’s data security strategy is keeping up with the AI’s rate of evolution. Immuta
53) 12% of security professionals believe AI will completely replace their role. CSA
54) The majority believe AI will help enhance their skill set (30%), support their role generally (28%), or replace large parts of their role (24%), freeing them up for other tasks. CSA
55) 46% of data professionals say that six to 10 people manage security at their organization, and another 33% say that 20 or more people are involved. Immuta
Diversity & inclusion statistics in the cyber security industry
56) Active hires of cybersecurity women were 88% in 2021, 89% in 2022, and 85% in 2023. Fortinet
57) On a global average, only 23% of cybersecurity teams are comprised of women. ISC2
58) Active cybersecurity hiring from minority groups is unchanged at 68 percent, and up slightly from 67% in 2021. Fortinet
59) Active hires of veterans are up slightly to 49% from 47% in 2022, but down from 53% in 2021. Fortinet
60) 29% of cybersecurity women felt they were discriminated against in the workplace (compared to 19% of men). ISC2
61) When averaged across all experience categories, cybersecurity women are excluded at a rate 2X higher than men. Women in Cybersecurity & Aleria
62) Those who identified with a disability in the cybersecurity field had higher sources of exclusion at a level comparable to the impact of gender. Women in Cybersecurity & Aleria
63) The level of exclusion continued to increase depending on the degree of intersectionality (the number of identity traits by which an individual differs from a member of the majority). Women in Cybersecurity & Aleria
64) The average global salary of cybersecurity women participants in ISC2’s 2023 study was $109,609. When compared to $115,003 for the men who participated, that makes a difference of $5,400. ISC265) The average salary of men of color respondents from our industry was $143,610, while the average for cybersecurity women of color respondents was $135,630 – a difference of nearly $8,000. ISC2
Taking action on cybersecurity statistics
Reviewing statistics on cyber security industry-wide—or at least in key areas—helps benchmark your organization’s status in the industry. It can tell you what you’re doing well (and maybe have an advantage), where you might be falling behind, and most importantly, where there’s still room for growth when it comes to keeping your organization safe and thriving.
It’s critical to turn the insights you gain into proactive action. Doing so can make all the difference in the year ahead. Using advanced tools can speed up both your protection from threats and your business growth.
For example: Atera’s AI-powered IT management platform helps you remotely automate patches for Windows, Mac, and other operating systems on your end users’ devices.
Atera’s all-in-one platform gives you one-click onboarding for new devices, actionable data-based insights, and everything else you need to take cybersecurity and IT to the next level of efficiency and positive bottom-line impact. Try it for free here!
Related Articles
2025 best cybersecurity events to add to your calendar
Discover the top cybersecurity conferences in 2024-2025 that will keep you informed and ahead of the curve. From AI and IoT to collaboration and risk management, these events are perfect for staying on top of trends and challenges in the cybersecurity industry.
Read nowIT Security vs. Cyber Security
Explore the definitions and the distinguishing features of cyber security vs IT security so that you can understand and apply both practices effectively.
Read now25+ best cybersecurity quotes: what the experts are saying (& after getting hacked too)
Discover expert insights on cybersecurity trends and the rising global cost of cybercrime. Learn from top quotes on the importance of protecting data and mitigating cyber risks in a rapidly evolving digital landscape.
Read nowPassword manager vs. browser-based: Why your browser isn’t enough
Just as you wouldn’t leave your car or house unlocked, you don’t want to expose your passwords, which is why you need a password manager.
Read nowEndless IT possibilities
Boost your productivity with Atera’s intuitive, centralized all-in-one platform