Cyber security trends are continuing to evolve at an alarming pace, making it increasingly difficult for IT decision makers to identify their primary areas of concern and put the appropriate plans in place to mitigate them. 

This is especially relevant when moving into the new year, with many departments currently discussing critical issues such as 'what should be our key focuses this year?', or even 'what technologies should we be investing in this year?'.

The most effective and straightforward way of addressing these big questions is to look back at the trends observed over the last year, but with so many different sources publishing individual reports on this you can end up just as overwhelmed as you started - which is why we have complied a list of some stand-out statistics from 2019 that will help you to get a better understanding of the current threat landscape. 

 

 

Impact, Concerns and Actions

Security Awareness Training statistic

  • 68% of business leaders feel their cyber-security risks are increasing. (Accenture)
  • An overwhelming 90% of Office 365 users have security concerns, with data protection being the most common. (Barracuda)
  • In Q3 of 2019 cyber attacks were up by 243%. (Beaming)
  • The average cost of a malware attack on a company is $2.6 million (around £1.9 million GBP). (Accenture)
  • The average cost of a phishing attack on a company is £1.3 million. (Comtact)
  • 44% of IT decision makers reported increased workload and limited resources within the IT team to be the biggest impact of cyber attacks. (Altinet)
  • 65% of organisations reported a lack of AI technology in place to defend against advanced targeted threats. (Altinet)
  • Only 25% of companies have advanced training programs designed to promote broad cyber security awareness, with 11% offering no internal training at all. (FireEye)

 

 

Email Security

Email Security Threat statistic

  • 80% of businesses experienced attempted email-based security threats in the last year. (Barracuda)
  • 94% of malware was delivered by email. (Verizon)
  • 48% of malicious email attachments are office files. (Symantec)
  • 43% of organisations have been the victim of a spear-phishing attack in the past year. (Barracuda)
  • 83% of spear-phishing attacks involve brand impersonation. (Barracuda)
  • Smaller organisations (1–250 employees) have the highest targeted malicious email rate at 1 in 323. (Symantec)

 

 

Data Protection

Data Protection Folders statistic

  • Data breaches exposed 4.1 billion records in the first half of 2019. (RiskBased)
  • $3.9 million (around £2.9 million GBP) is the average cost of a data breach. (IBM)
  • The average time to identify a breach in 2019 was 206 days, and the average life cycle from breach to containment was 314 days. (IBM)
  • 43% of breach victims were small businesses, and 34% involved internal actors. (Verizon)
  • Only 5% of companies’ folders are properly protected, on average. (Varonis)
  • 64% of EMEA businesses aren't replicating their backup data to the cloud. (Barracuda)
  • 41% of organisations said they are using no third-party solutions to back-up their Office 365 data. (Barracuda)

 

 

Network and Physical Devices

Network Ransomware statistic

  • IoT devices experience an average of 5,200 attacks per month. (Symantec)
  • 1 in 36 mobile devices have high risk apps installed. (Symantec)
  • 95% of businesses say that firewalls are as critical or more critical than ever. (Firemon)
  • 63% of all threat incidents discovered were found in encrypted traffic. (Cisco)
  • It's estimated that businesses fall for ransomware attacks every 14 seconds. (Cybersecurity Ventures)

 

For more information on how you can improve your organisation's security strategy for the new year take a look at our article on the Complete Office 365 Protection Stack - a combination of various services and features that work together to offer the most effective security solution for your entire Office 365 environment.