Cybercrime remains one of the primary risks facing companies across the United States.
The following statistics highlight the most pressing cybersecurity risks organizations face today and underscore the importance of proactive security measures.
Table of contents
Top Cybersecurity statistics
- According to the Identity Theft Resource Center (ITRC), there were 3,205 data compromise incidents in 2023 which impacted over 353 million Americans and cost American businesses an average of $9.36 million per incident.
- The threat of cyberattacks is particularly acute for small-to-medium businesses (SME), which are the targets of approximately 50% of all such attacks,according to Cybersecurity Ventures. Alarmingly, 60% of small businesses close their doors within six months of experiencing a data breach or cyberattack.
- The ITRC reported that data breaches surged 72% in 2023 to a new record
- Norton Antivirus reported that over 75% of targeted cyberattacks in 2024 start with an email.
- 94% of organizations reported email security incidents
Cyber attack stats for Small-to-Medium Enterprises
Cybersecurity is a growing concern for small businesses, with over 20% identifying it as one of their biggest threats. The following statistics shed light on why SMEs are increasingly vulnerable to cyberattacks:
- According to CISCO, 70% of cyber attackers deliberately target small businesses
- Small businesses are 3x more likely to be targeted by cybercriminals than larger companies
- 61% of small businesses experienced a breach in the last year
- 70% of ransomware attacks in 2021 hit businesses with fewer than 500 employees
- Malware and email phishing (18% vs 17%) are the most frequent cybersecurity incidents for small businesses.
- The total cost of cybercrimes to small businesses is $2.4 billion per year
- 60% of small businesses that suffer a cyberattack go out of business within six months.
Manufacturing and cybersecurity
Manufacturing facilities are a top target due to their low tolerance for downtime and lower level of cyber maturity compared to other sectors.
- The Manufacturing sector represented 29% of the published ransomware victims globally, marking a 56% year-over-year increase.
- In 2023, manufacturers comprised more than 25% of security incidents, with malware attacks – primarily ransomware –making up the majority of those incidents.
- In attacks on critical infrastructure organizations, 85% of incidents could have been mitigated with patching, multi-factor authentication or least-privilege principles.
- There were 54 million victims from Supply Chain Attacks.
Defense and cybersecurity
Defense organizations are prime targets for cyberattacks due to the sensitive nature of the information they handle. Here are some statistics that tell the story further.
- The aerospace and defense sector has seen a 300% increase in cyber attacks since 2018.
- The average cost of a data breach in the defense sector is $5.46 million.
- At least 70% of the defense industrial base are small businesses, and they’re facing many of the same cyber threats as the typical small business
- Over 80% of aerospace and defense organizations have experienced a breach in the past 12 months
- 61% of defense organizations have experienced a ransomware attack in the past year, with the industry experiencing 1250 cyber incidents per week
Cybersecurity Maturity among defense contractors
The Department of Defense has raised cybersecurity standards by introducing the Cybersecurity Maturity Model Certification (CMMC), which will be required in defense contracts starting in 2025. However, many contractors are struggling to meet these new demands. According to Radicl, a cybersecurity firm for SMEs:
- Over half of defense contractors are struggling with implementing their CMMC compliance requirements
- 31% are challenged with creating efficient protocols to protect against data breaches
- 31% also report they are struggling to build an effective cybersecurity program on limited budgets and resources
- 25% report they are challenged by staying one step ahead of the evolving cyber threat landscape
Finance and cybersecurity
Small banks make a far better target than large national ones. Big banks can afford to spend billions to detect attacks and fortify themselves. Small banks can rarely match that level of vigilance. Moreover, attackers are very aware of this discrepancy.
- According to Gradient Cyber, cybercrime is quickly becoming one of the most significant emerging threats to small banks.
- In 2023, the number of data compromises in the financial services industry in the United States reached 744, up from 138 such incidents in 2020.
- The average cost of a data breach in the finance industry reached a staggering amount of $8.19 million in 2023.
Healthcare industry and cyberattacks
The healthcare industry is considered one of the most vulnerable sectors to cybercrime because patient data is so valuable.
- The number of attacks on physician groups rose from 2% of healthcare attacks in the first half of 2021 to 12% in the first half of 2022.
- Specialty clinics represent 1 in 5 attacks on healthcare facilities and service and supply vendors and physician groups faced 9% of threats.
- Hacking/IT incidents were found to be the primary cause, accounting for 73% of data breaches in the first half of 2023.
- The most common causes of data breaches in the healthcare industry are phishing attacks, ransomware attacks, and business email compromise attacks (BEC). 88% of healthcare workers opened phishing emails.
How to stay ahead of cyber attacks and protect your data
SMEs are pivotal to the American economy. As these statistics highlight, protecting data is paramount to keeping them viable. This starts by knowing you will be targeted– It is a matter of when your data will be attacked, not if. That’s why organizations need to ensure that when attackers get to data in transit or data in servers, all they get is gibberish. This can be achieved by protecting your data with end-to-end encryption.
PreVeil’s end-to-end encrypted email and file sharing platform ensure that the only people who can access your data are you and the sender. And no one else – not even PreVeil. PreVeil offers industry-leading solutions with unrivaled security, simplicity and affordability. Its end-to-end encrypted email and file-sharing platform seamlessly integrates with existing IT infrastructures, enabling institutions to meet compliance requirements without costly and disruptive changes. Widely deployed by over a thousand enterprises, PreVeil is a proven solution trusted to safeguard sensitive information.
Contact PreVeil to learn more about how we can help your organization protect its sensitive information.