2020 has been a wild ride all around, and it’s been extra bumpy for cybersecurity. The pandemic, the Great Work From Home, the rapidly evolving business landscape, a booming Dark Web, financial uncertainty, and a huge surge in phishing as bad actors take advantage of the tumult are all contributing to setting this year up to be a record-breaking year for data breaches.

These 2020 data breach statistics clearly show that this year is on its way to being increasingly difficult for cybersecurity professionals – and increasingly dangerous for businesses.

  • 49% of US companies have experienced a data breach
  • 43% of breach victims were small businesses
  • 80% of hacking breaches involve brute force or stolen credentials
  • 71% of breaches were financially motivated and 25% were motivated by espionage
  • 34% of data breaches involved internal actors
  • 41% of US-based companies allow employees unrestricted access to sensitive data
  • 73% of organizations view strong cybersecurity as a major contributor to business success
  • 7 million data records are compromised daily
  • 43% of data breaches are cloud-based web applications
  • 67% of data breaches resulted from credential theft, human error or social attacks
  • 68% of business leaders feel their cybersecurity risks are increasing.
  • Data breaches exposed 4.1 billion records in the first half of 2019. (RiskBased)
  • 71% of breaches were financially motivated and 25% were motivated by espionage. (Verizon)
  • 52% of breaches featured hacking, 28% involved malware and 32–33% included phishing or social engineering, respectively. (Verizon)

To keep your business protected, it’s important to understand the most common causes of data breaches, and understand how to recognize and minimize the risks..

  • 7 Most Common Causes of Data Breach in 2019
  • Weak and Stolen Credentials, a.k.a. Passwords
  • Back Doors, Application Vulnerabilities
  • Malware
  • Social Engineering
  • Too Many Permissions
  • Insider Threats
  • Improper Configuration and User Error

The growth of large-scale breaches represents a growing trend of security violations both in quantity and their severity. Data breaches expose sensitive information that often leaves users at risk for identity theft, ruin companies’ reputations and leave the company liable for compliance violation fines and civil suits.

  • Security breaches have increased by 11% since 2018 and 67% since 2014. (Ponemon Institute)
  • Hackers attack every 39 seconds, on average 2,244 times a day. (University of Maryland)
  • The average time to identify a breach in 2019 was 7 months. (IBM)
  • The average lifecycle of a breach lasted almost 11 months (from the breach to containment). (IBM)
  • The average cost of a data breach is $3.92 million as of 2019. (Security Intelligence)
  • In 2016, Uber reported that hackers stole the information of over 57 million riders and drivers and forced to pay them $100,000. (Bloomberg)
  • Even though the Equifax breach was in 2017, the company is still paying off the $4 billion in total.

Cyber Crime by Attack Type

It’s important to have an understanding of the metrics surrounding cybersecurity issues in terms of their types. Mostly, cyberattacks include:

  • Malware attacks
  • DoS and DDoS Attacks (Denial of Service and Distributed Denial of Service)
  • MitM Attacks (Man in the Middle)
  • Phishing and spear-phishing attacks
  • Drive-by attacks
  • Password attacks
  • SQL injection attacks (SQL databases)
  • XSS attacks (Cross Site Scripting)
  • Cybercrime attack type statistics:
  • 34% of data breaches involved internal actors. (Verizon)
  • 69% of organizations don’t believe the threats they’re seeing can be blocked by their anti-virus software. (Ponemon Institute)
  • The average cost of a ransomware attack on businesses is $133,000. (SafeAtLast)
  • 92% of malware is delivered by email. (CSO Online)
  • Ransomware detections have been more dominant in countries with higher numbers of internet-connected populations. The United States ranks highest with 18.2% of all ransomware attacks. (Symantec)

Security Spending and Costs

Cybersecurity budgeting has been increasing steadily as more decision-makers are realizing the value and importance of cybersecurity investments.

  • By the end of 2020, security services by out-sourced specialists are expected to account for 50% of cybersecurity budgets. (Gartner).
  • The average cost in time of a malware attack is 50 days. (Accenture)
  • The most expensive component of a cyber-attack is information loss at $5.9 million. (Accenture)
  • Including turnover of customers, increased customer acquisition activities, reputation losses and diminished goodwill, the cost of lost business globally was highest for U.S. companies at $4.13 million per company. (Ponemon Institute)
  • 50% of large enterprises (with over 10,000 employees) are spending $1 million or more annually on security, with 43% spending $250,000.

To improve your Cybersecurity protections and awareness you don’t need to invest in a bunch of new security tools. The truth is that 80% of data breaches can be prevented with basic actions, such as vulnerability assessments, patching, and proper configurations.

Although the reality is challenging, and a future is not promising to be better in terms of cybersecurity threats and malicious attacks, we are here to address your challenges and to help you improve your cybersecurity protection and provide you recommendations for improving your overall cyber security.

HBBTech has been offering multi-layered computer and network security since 2014, and not one client has suffered a successful attack. Security services start for as little as $15 per month. For just $15 per computer, per month, HBBTech can keep your computers patched, (keep your software up to date). We monitor and patch more than 100 software titles on a daily basis, substantially reducing your risk of attacks related to out of date software.

To learn more, and to find out if the software you use is covered, call (636) 542-8653 today!