Photo Credit: © turbomotion046 - stock.adobe.com
Staying abreast of the latest cyber-crimes, cybersecurity trends and emerging threats can be difficult, considering the sheer volume of information regarding breaches, malware and evolving compliance regulations. With cybersecurity awareness month right around the corner, we’ve compiled a series of shocking and informative cybersecurity, data breach and information security statistics. The following is part 1 of 2 in this series.
1. According to the Ponemon Institute for Barkly’s The 2017 State of Endpoint Security Risk Report, 77% of attacks on endpoint devices in 2017 involved fileless malware and exploits. What makes this particularly disturbing, is that malware running in memory is much more difficult to detect than malware installed on systems. With malware running in memory, victims may only notice that their machines are running unusually slow.
2. The Vanson Bourne for CyberArk’s Global Advanced Threat Landscape Report 2018, reported that 56% of surveyed organizations identified phishing attacks as their most significant cybersecurity threat. Other respondents’ cybersecurity fears included insider threats, malware/ransomware and unsecured super admin accounts.
3. 26% of ransomware victims in 2017 were business users, as reported by Kaspersky Labs.
4. 87% of remote code execution attacks were made in an effort to download crypto-mining malware according to Imperva.
Breaches by the Numbers
5. At least 1,946,181,599 records that
contained personal or otherwise private data have been compromised since January 1, 2017,
as reported in Privacy Rights Clearinghouse’s Chronology of Data Breaches. While this figure is impressive, it is far less than the 8 billion records that were compromised in 2016.
6. 1,579 breaches were publicly reported in 2017, according to Identity Theft Resource Center’s 2017 Annual Data Breach Year-end Review.
This is a 44% increase from the 1,091 breaches that were publicly reported in 2016. Business organizations, including retail, hospitality and utilities comprised 55% of the reported breaches, and 23.7% were from the healthcare industry.
7. 71% of 1,200 US enterprises reported experiencing at least one data breach, according to 451 Group for Thales’ 2018 Global Threat Report.
8. 75% of data breaches have been launched by external attackers, according to Verizon’s 2017 Data Breach Investigations Report. Organized
cyber-crime groups are responsible for 51% of data breaches, while careless and/or malicious insiders account for 25%.
9. 77% of 2,800 surveyed IT professionals in the Ponemon Institute’s The Third Annual Study on the Cyber Resilient Organization, March 2018, said that their organization had not implemented a cybersecurity incident response plan. 26% of the respondents merely have informal processes in place.
10. Also reported in the above Ponemon study, the average length of time for organizations to identify a data breach is 191 days, which is a slight improvement from the 2016 average of 201. The average number of days that it took an organization to contain a breach entirely was 66 days in 2017.
Our troubling cybersecurity fact series continues with our next blog article. While the onslaught of cyber crimes seems ever-burgeoning, Align's comprehensive cybersecurity risk management solution, Align CybersecurityTM, can help you manage and implement a customized cybersecurity program, shore up cyber defenses, detect risks and identify threat points embedded in virtually all business functions and across the cybersecurity risk management spectrum. To speak with an Align cybersecurity expert, click here or the button below.