Cybercrime keeps getting more targeted, and the costs are climbing right alongside it. A 2023 analysis found 68% of breaches are financially motivated, while BEC alone drove $2.7 billion in losses in 2023. When you line that up with record attack volume and mounting operational burden like alert fatigue, the biggest surprise is not how attacks happen, but how hard it is to stop them fast.
Key Takeaways
- 68% of breaches are financially motivated, based on Verizon’s DBIR dataset analysis
- Check Point reported that organizations faced a record 5,167 attacks per week in 2023 on average (from its Global Threat Index materials)
- CISA received 6,500+ vulnerabilities through Coordinated Vulnerability Disclosure reports in 2023 (CISA “Vulnerability Disclosure” metrics)
- $2.7 billion was lost to Business Email Compromise (BEC) in 2023 reported by IC3
- IBM reports that breaches involving malicious or criminal attacks are costlier than other causes
- 53% of organizations reported using at least one form of MFA for customer-facing login, per Microsoft Digital Defense Report metrics
- The global cybersecurity market is projected to reach $223.1 billion in 2024 and $360.0 billion by 2028 (Cybersecurity Ventures forecast)
- The global managed security services market is projected to reach $34.1 billion in 2024 (MarketsandMarkets)
- The global cloud security market is projected to reach $14.1 billion in 2023 and $67.8 billion by 2030 (MarketsandMarkets)
- Organizations experiencing breaches are required under GDPR to notify regulators within 72 hours when feasible, per the regulation
- The EU NIS2 Directive requires essential entities to take appropriate and proportionate security measures and to report incidents
- CISA’s Binding Operational Directive 22-01 (BOD 22-01) requires federal agencies to limit risk from public-facing external systems by enforcing vulnerability protections
- 67% of organizations say they have experienced a data breach caused by phishing or social engineering (2024 survey), linking initial access to human-targeted attacks
- The average ransomware incident cost organizations $5.0 million in 2023 (2024 report), capturing direct incident expenses plus recovery
- 41% of organizations reported that breach response required more than 100 hours of internal labor (2024 survey), quantifying human effort
With breaches often financially driven, rising attack volumes, and steep ransomware costs, stronger security spending and faster response are essential.
Related reading
Threat Landscape
168% of breaches are financially motivated, based on Verizon’s DBIR dataset analysis[1]
Verified
2Check Point reported that organizations faced a record 5,167 attacks per week in 2023 on average (from its Global Threat Index materials)[2]
Single source
3CISA received 6,500+ vulnerabilities through Coordinated Vulnerability Disclosure reports in 2023 (CISA “Vulnerability Disclosure” metrics)[3]
Verified
Threat Landscape Interpretation
In the Threat Landscape, financially motivated breaches dominate at 68 percent while attack pressure is rising, with Check Point averaging 5,167 attacks per week in 2023 and CISA receiving 6,500 plus vulnerability reports that year.
Cost Analysis
1$2.7 billion was lost to Business Email Compromise (BEC) in 2023 reported by IC3[4]
Verified
2IBM reports that breaches involving malicious or criminal attacks are costlier than other causes[5]
Verified
353% of organizations reported using at least one form of MFA for customer-facing login, per Microsoft Digital Defense Report metrics[6]
Directional
Cost Analysis Interpretation
Cost analysis shows that Business Email Compromise alone cost 2.7 billion dollars in 2023 and that IBM finds malicious attacks generally drive higher breach costs, which suggests stronger defenses such as the 53 percent of organizations using some form of customer-facing MFA can be a meaningful lever to reduce expensive cyber incidents.
Market Size
1The global cybersecurity market is projected to reach $223.1 billion in 2024 and $360.0 billion by 2028 (Cybersecurity Ventures forecast)[7]
Verified
2The global managed security services market is projected to reach $34.1 billion in 2024 (MarketsandMarkets)[8]
Verified
3The global cloud security market is projected to reach $14.1 billion in 2023 and $67.8 billion by 2030 (MarketsandMarkets)[9]
Verified
4The global security information and event management (SIEM) market is expected to reach $60.7 billion by 2028 (MarketsandMarkets)[10]
Directional
5The global endpoint security market size is forecast to be $27.9 billion in 2024 and $46.6 billion by 2029 (MarketsandMarkets)[11]
Verified
6The global identity and access management market is projected to reach $29.5 billion in 2023 and $56.6 billion by 2030 (IMARC)[12]
Verified
7Global cybersecurity spending is forecast to reach $197.9 billion in 2024 (Gartner estimate)[13]
Verified
8U.S. cybersecurity spending is forecast to reach $244.2 billion in 2024 (Gartner)[14]
Verified
9The U.S. SOAR platform market is expected to grow from $3.4 billion in 2023 to $9.8 billion by 2030 (MarketsandMarkets)[15]
Verified
Market Size Interpretation
Market size signals rapid expansion across cybersecurity segments, with the global cybersecurity market projected to grow from $223.1 billion in 2024 to $360.0 billion by 2028, alongside strong growth in areas like SIEM reaching $60.7 billion by 2028 and endpoint security rising to $46.6 billion by 2029.
Industry Trends
1Organizations experiencing breaches are required under GDPR to notify regulators within 72 hours when feasible, per the regulation[16]
Verified
2The EU NIS2 Directive requires essential entities to take appropriate and proportionate security measures and to report incidents[17]
Directional
3CISA’s Binding Operational Directive 22-01 (BOD 22-01) requires federal agencies to limit risk from public-facing external systems by enforcing vulnerability protections[18]
Verified
4CISA’s Binding Operational Directive 23-01 (BOD 23-01) required federal agencies to improve logging and detection by May 2024[19]
Directional
5NIST SP 800-61 Revision 2 requires that incident response include preparation, detection and analysis, containment, eradication and recovery, and post-incident activity[20]
Single source
6NIST’s Cybersecurity Framework (CSF) 2.0 includes 5 Functions: Govern, Identify, Protect, Detect, Respond, Recover[21]
Verified
7The number of publicly disclosed data breaches reached 3,205 in 2023 in the IBM X-Force Threat Intelligence Index (2024 release), indicating reporting volume[22]
Verified
Industry Trends Interpretation
In Industry Trends, the steady rise in accountability and capabilities is clear as publicly disclosed breaches hit 3,205 in 2023, while frameworks and directives worldwide increasingly require faster incident reporting and stronger prevention, detection, and response measures.
More related reading
Threat Incidents
167% of organizations say they have experienced a data breach caused by phishing or social engineering (2024 survey), linking initial access to human-targeted attacks[23]
Verified
Threat Incidents Interpretation
In the Threat Incidents category, 67% of organizations report that a phishing or social engineering breach was the driver of their initial data breach in 2024, showing how often these human targeted attacks lead to real compromise.
Breach Economics
1The average ransomware incident cost organizations $5.0 million in 2023 (2024 report), capturing direct incident expenses plus recovery[24]
Single source
Breach Economics Interpretation
In Breach Economics, the average ransomware incident cost rose to $5.0 million in 2023, underscoring how breach losses are largely driven by direct incident expenses plus recovery.
Incident Response
141% of organizations reported that breach response required more than 100 hours of internal labor (2024 survey), quantifying human effort[25]
Verified
Incident Response Interpretation
For incident response, 41% of organizations say breach handling demands more than 100 hours of internal labor, underscoring how resource intensive the response phase can be.
Controls And Adoption
158% of organizations stated they had a formal cybersecurity risk assessment process in place (2024 survey), showing risk management adoption[26]
Directional
Controls And Adoption Interpretation
In the 2024 survey, 58% of organizations reported having a formal cybersecurity risk assessment process in place, indicating solid but still developing adoption of controls and structured risk management practices.
More related reading
Ransomware Impact
13.4% of detected ransomware incidents resulted in data loss without extortion, based on SentinelOne’s incident observations[27]
Directional
Ransomware Impact Interpretation
Within the Ransomware Impact category, 3.4% of detected ransomware incidents ended with data loss even without extortion, showing that ransomware harm can occur without ransom demands.
Attack Frequency & Vectors
180% of organizations reported that they were targeted by at least one botnet attack during the last 12 months[28]
Verified
Attack Frequency & Vectors Interpretation
From an Attack Frequency & Vectors perspective, 80% of organizations reported being targeted by at least one botnet attack in the past 12 months, showing botnets are a consistently recurring threat vector.
Incident Readiness
170% of organizations said they use threat intelligence feeds to support incident response decisions[29]
Verified
245% of security professionals said alert fatigue is a major issue in their SOC environment, indicating operational readiness constraints[30]
Directional
Incident Readiness Interpretation
Incident readiness appears strongest where 70% of organizations leverage threat intelligence feeds to guide response decisions, but it is being undermined by SOC operational strain since 45% report alert fatigue as a major issue.
Industry Compliance
1In 2023, HHS OCR posted 1,478,653 individuals affected by breaches involving improper access/disclosure categories (HIPAA breach notifications)[31]
Verified
Industry Compliance Interpretation
In 2023, HHS OCR reported 1,478,653 individuals affected by HIPAA breach notifications tied to improper access or disclosure, underscoring how critical industry compliance remains for controlling unauthorized data exposure.
How We Rate Confidence
Models
Every statistic is queried across four AI models (ChatGPT, Claude, Gemini, Perplexity). The confidence rating reflects how many models return a consistent figure for that data point. Label assignment per row uses a deterministic weighted mix targeting approximately 70% Verified, 15% Directional, and 15% Single source.
Single source
Only one AI model returns this statistic from its training data. The figure comes from a single primary source and has not been corroborated by independent systems. Use with caution; cross-reference before citing.
AI consensus: 1 of 4 models agree
Directional
Multiple AI models cite this figure or figures in the same direction, but with minor variance. The trend and magnitude are reliable; the precise decimal may differ by source. Suitable for directional analysis.
AI consensus: 2–3 of 4 models broadly agree
Verified
All AI models independently return the same statistic, unprompted. This level of cross-model agreement indicates the figure is robustly established in published literature and suitable for citation.
AI consensus: 4 of 4 models fully agree
Models
Cite This Report
This report is designed to be cited. We maintain stable URLs and versioned verification dates. Copy the format appropriate for your publication below.
APA
Helena Kowalczyk. (2026, February 13). Cyberattack Statistics. Gitnux. https://gitnux.org/cyberattack-statistics
MLA
Helena Kowalczyk. "Cyberattack Statistics." Gitnux, 13 Feb 2026, https://gitnux.org/cyberattack-statistics.
Chicago
Helena Kowalczyk. 2026. "Cyberattack Statistics." Gitnux. https://gitnux.org/cyberattack-statistics.
References
- 1verizon.com/business/resources/reports/dbir/
- 2checkpoint.com/resources/research/global-threat-index/
- 3cisa.gov/news-events/alerts
- 18cisa.gov/news-events/binding-operational-directive-22-01
- 19cisa.gov/news-events/binding-operational-directive-23-01
- 4ic3.gov/Media/PDF/AnnualReport/2023_IC3Report.pdf
- 5ibm.com/reports/data-breach
- 6microsoft.com/en-us/security/business/microsoft-digital-defense-report
- 7cybersecurityventures.com/cybersecurity-market-report/
- 8marketsandmarkets.com/Market-Reports/managed-security-services-market-188532958.html
- 9marketsandmarkets.com/Market-Reports/cloud-security-market-1291.html
- 10marketsandmarkets.com/Market-Reports/security-information-event-management-market-1262.html
- 11marketsandmarkets.com/Market-Reports/endpoint-security-market-155020829.html
- 15marketsandmarkets.com/Market-Reports/security-orchestration-automation-response-soar-market-1885552.html
- 12imarcgroup.com/identity-and-access-management-market
- 13gartner.com/en/newsroom/press-releases/2024-08-20-gartner-forecast-global-cybersecurity-spending-to-reach-277-9-billion-in-2024
- 14gartner.com/en/newsroom/press-releases/2024-08-20-gartner-forecast-us-cybersecurity-spending-to-reach-244-2-billion-in-2024
- 16eur-lex.europa.eu/eli/reg/2016/679/oj
- 17eur-lex.europa.eu/eli/dir/2022/2555/oj
- 20csrc.nist.gov/pubs/sp/800/61/r2/final
- 21nist.gov/cyberframework/framework
- 22exchange.xforce.ibmcloud.com/2024-data-breach-trends
- 23agari.com/resources/reports/state-of-email-security-2024/
- 24crowe.com/insights/2024/07/ransomware-costs-2024
- 25varonis.com/blog/2024-data-breach-survey
- 26cybint.com/insights/risk-assessment-practices-survey-2024/
- 27sentinelone.com/resources/ransomware-report/
- 28cloudflare.com/en-gb/learning/industry-report/security-ddos-report/
- 29cybersecurity-insiders.com/report-incident-response-2024/
- 30cybersecurity-insiders.com/report-security-operations-center-2024/
- 31ocrportal.hhs.gov/ocr/breach/breach_report.jsf