In case you haven’t had time to keep up with the latest cybersecurity statistics, we’ve created this list to help you get ready for 2019.
87% of organizations said they need up to 50% more budget for cybersecurity. Unfortunately, only 12% believe they will get an increase over 25%.
For those organizations that suffer a data breach that causes significant damage, 76% said they would likely get to increase their cybersecurity budgets.
64% said if the breach doesn’t cause harm, they won’t get to increase their budget.
According to the Community Emergency Response Team, the main reasons for insider caused incidents are:
- 48.32% insider-insider collusion
- 16.75% insider-outsider collusion
Out of these incidents:
- ~ 37% involved fraud
- ~ 24% involved intellectual property theft
- ~ 6% involved fraud and theft
The average total cost of a data breach is $3.86 million.
The total cost of a breach varies by the size of the data lost. For 2018:
- If less than 10,000 records are lost, the average total cost is $2.1 million.
- If 10,000 to 25,000 records are lost, the average total cost is $3.0 million.
- If 25,001 to 50,000 records are lost, the average total cost is $4.4 million.
- If more than 50,000 records are lost, the average total cost is $5.7 million.
Once an organization has been breached, there is 27.9% likelihood that a breach will happen again within 2 years.
Once a breach has occurred, the mean time to identify (MTTI) the breach is 197 days and the mean time to contain (MTTC) it is 69 days.
When it comes to root causes for data breaches:
- 48% were caused by a malicious attack
- 27% were caused by human error
- 25% were caused by a system glitch
28% of data breaches are considered to be inside jobs. Because of this, analysts at Verizon are recommending that companies increase their education to train employees to not only look for cyber attacks from external forces but also to focus on improving internal data security behaviors.
According to IBM, devices around the world generate 2.5 billion GB of data every day.
Roughly 70% of business people either have or will experience data loss due to system failure, accidental deletion, malware, or some sort of disaster.
60% of companies that suffer a data breach in this manner will shut down within six months of the disaster.
When asked how vulnerable they felt their organization was, 90% of those surveyed felt vulnerable to an insider threat.
For the various types of insider threats, when asked which types of threats employees should be concerned about:
- 51% said they should be concerned about unintentional or accidental insider breach caused from negligence, carelessness, or compromised credentials
- 47% said they should be concerned with people willfully causing harm from a malicious or deliberate insider breach.
- 2% said they weren’t sure.
When asked about the types of insiders that posed the biggest security risk:
- 56% said regular employees
- 55% said privileged IT employees or administrators
- 42% said external contractors and service providers including temporary workers
When asked which devices they believed were at risk across their networks, they said:
- 50% databases
- 46% file servers
- 33% endpoints
- 32% network
- 30% active directory
- 29% business apps
When asked what allowed insider attacks:
- 37% said it was from users having excessive privileges on the network
- 34% said it was the increasing amount of sensitive data
- 31% said it was a lack of employee training
53% of the companies surveyed said they had at least one attack within the last year
27% said they thought that insider attacks are becoming more frequent
60% of companies are implementing a data loss prevention (DLP) solution
In healthcare, 58% of incidents were caused by insider threat, according to the 2018 Protected Health Information Data Breach report. Out of these:
- 5% of these actions were from error
- 5% from misuse
- 3% from physical threats
- 8% from hacking
- 8% from malware
When it came to data breaches from various types of misuse:
- 21.6% came from data mishandling
- 16.9% from possession abuse
- 4.2% from knowledge abuse
We hope you can use these statistics to plan for 2019.