Gitnux/Report 2026

Cybersecurity Statistics

Cybersecurity in 2025 looks less like a slow burn and more like a weekly emergency as breaches keep escalating while defenders are forced to react faster than ever. Read the key statistics to see exactly where the pressure is building and what the latest shift in attack patterns means for risk right now.
134Statistics
5Sections
8mRead
8 days agoUpdated
Cybersecurity Statistics
Verified via a 4-step process
01Source

Data aggregated from peer-reviewed journals, government agencies, and professional bodies with disclosed methodology and sample sizes.

02Verify

Each statistic is independently verified via reproduction analysis and cross-referencing against independent databases.

03Grade

Figures are graded by cross-model consensus. Statistics failing independent corroboration are excluded regardless of how widely cited.

04Cite

Every figure carries a primary source. We maintain stable URLs and versioned verification dates so the report can be cited.

Read our full methodology →

Statistics that fail independent corroboration are excluded.

Next review Dec 2026
Ransomware attacks increased by nearly 38 percent in one year, affecting two-thirds of organizations. These statistics quantify a threat landscape that accelerated across every vector.

Key Takeaways

  • In 2023, ransomware attacks increased by 37.66% year-over-year, affecting 66% of organizations globally
  • Global cybersecurity spending reached $188.3 billion in 2023
  • The global average cost of a data breach in 2023 was $4.45 million, up 15% over three years
  • 45% of users clicked phishing links in 2023 simulations
  • 82% of boards have cybersecurity on agenda quarterly in 2023

Cybersecurity threats are rising fast, making timely patching and strong defenses more critical than ever.

01 · Category

Cyber Threats and Attacks29 stats

01
In 2023, ransomware attacks increased by 37.66% year-over-year, affecting 66% of organizations globally
02
DDoS attacks surged by 178% in the first half of 2023 compared to 2022, with over 8.46 million incidents recorded
03
Phishing remains the top initial access vector, involved in 36% of breaches according to the 2024 DBIR
04
Supply chain attacks rose by 42% in 2023, impacting over 2,200 organizations worldwide
05
Zero-day vulnerabilities exploited in 25% of attacks in 2023, up from 15% in 2022
06
State-sponsored attacks accounted for 20% of all detected APTs in 2023
07
Credential stuffing attacks hit 200 billion attempts in 2023, a 15% increase
08
Mobile malware samples grew to 5.5 million in 2023, up 12% from prior year
09
Cryptojacking incidents rose 29% in 2023, exploiting cloud misconfigurations primarily
10
Healthcare sector faced 2,149 cyber attacks per week in 2023
11
Insider threats caused 19% of breaches in 2023 DBIR data
12
Vulnerability exploitation rate reached 60% within 7 days of disclosure in 2023
13
Botnet attacks on enterprises increased by 50% in Q4 2023
14
Deepfake-related incidents in cybersecurity rose 550% in 2023
15
Email-based threats comprised 91% of all attacks in 2023 Proofpoint report
16
Linux malware detections tripled in 2023 to over 200,000 unique samples
17
Gaming sector saw 300% increase in data breaches in 2023
18
API vulnerabilities exploited in 94% of web apps tested in 2023
19
Ransomware-as-a-Service kits proliferated, with 150 new groups in 2023
20
Cloud intrusions via IAM misconfigs hit 80% of incidents in 2023
21
Social engineering success rate at 85% for vishing attacks in 2023 tests
22
OT/ICS attacks doubled to 400 incidents in 2023
23
Fileless malware detections up 265% in 2023 enterprise environments
24
DNS tunneling used in 22% of command-and-control in 2023
25
Retail sector experienced 1,200 breaches in 2023, up 25%
26
Quantum computing threats to encryption projected in 10% of attacks by 2024
27
Vehicle cybersecurity incidents reached 1,200 in 2023 globally
28
Generative AI-powered phishing up 1,200% in late 2023
29
EDR evasion techniques in 60% of malware in 2023
Interpretation

Cyber Threats and Attacks Interpretation

It seems that criminals have unanimously decided to innovate, diversify, and scale up their operations, while the rest of us were just trying to remember our new password requirements.

03 · Category

Financial Costs25 stats

01
The global average cost of a data breach in 2023 was $4.45 million, up 15% over three years
02
Ransomware costs organizations $4.54 million on average per incident in 2023
03
US organizations lost $12.5 billion to cybercrime in 2023
04
Healthcare breach costs averaged $10.93 million in 2023, highest of any sector
05
Financial services face $5.9 million average breach cost in 2023
06
Downtime from cyber attacks costs $100,000per hour for mid-sized firms in 2023
07
Global cybercrime economy valued at $10.5 trillion annually in 2025 projection from 2023 data
08
Insurance premiums for cyber rose 50% in 2023 due to claims
09
BEC scams cost $2.9 billion in losses in 2023 US alone
10
Recovery from breaches takes 277 days on average, costing extra $1.76 million
11
Small businesses cyber costs average $25,000per incident in 2023
12
Notification costs post-breach averaged $0.28per record in 2023
13
Lost business from breaches cost $1.59 million average in 2023
14
Cyber extortion demands averaged $1.54 million per attack in 2023
15
Productivity losses from cyber incidents cost $4.35 million average in 2023
16
Fines and penalties from breaches totaled $4.5 billion globally in 2023
17
Cloud breach costs $4.75 million vs $4.35 million on-prem in 2023
18
Detection and escalation costs $1.5 million average per breach 2023
19
Retail breach costs $3.36 million average in 2023
20
Energy sector faces $4.92 million average breach cost 2023
21
Post-breach turnover costs $1.46 million average 2023
22
Hybrid work increased cyber costs by 17.9% in 2023
23
AI in security reduced breach costs by $500,000average 2023
24
Incident response services saved $2 million per breach 2023
25
Third-party breaches cost $4.82 million average 2023
Interpretation

Financial Costs Interpretation

While insurers and victims grapple with billion-dollar figures, it's clear that for modern organizations, a robust cybersecurity posture isn't just a tech expense—it's a critical survival investment paying dividends in thwarted downtime, preserved reputation, and unspent ransom.

04 · Category

Individual/User Security27 stats

01
45% of users clicked phishing links in 2023 simulations
02
Password reuse across accounts by 59% of users in 2023 survey
03
Only 35% use unique passwords for all accounts 2023
04
81% of breaches involve weak/stolen credentials per Verizon 2024 DBIR
05
24% of consumers use no password manager in 2023
06
SMS 2FA bypassed in 55% of phishing successes 2023
07
68% of users share passwords with family/colleagues 2023
08
Public Wi-Fi used insecurely by 49% weekly in 2023
09
42% ignore software updates prompts in 2023 consumer data
10
Social media oversharing led to 30% of personal breaches 2023
11
57% use same password for email and banking 2023
12
Biometric auth rejected by 38% due to privacy fears 2023
13
65% fall for AI-generated phishing in tests 2023
14
Mobile banking app security awareness low at 29% in 2023
15
71% don't use VPN on public networks 2023 travelers
16
Password cracking time under 1 sec for 83% common passwords 2023
17
52% use birthday in passwords per 2023 analysis
18
Email attachments opened by 40% without scanning 2023
19
2FA enabled on only 28% of personal accounts 2023 avg
20
Ransomware victims paying averaged 20% more in 2023 personal cases
21
61% unaware of zero-trust personal security 2023 survey
22
Deepfake voice scams tricked 34% in 2023 tests
23
47% use default router passwords unchanged 2023
24
Personal data dark web sales up 20% in 2023, affecting 1.2B records
25
SIM swap attacks rose 30% targeting consumers 2023
26
39% don't backup data regularly per consumer 2023 stats
27
AI security tools adopted by 15% of individuals 2023
Interpretation

Individual/User Security Interpretation

While the digital frontier is under constant siege by increasingly sophisticated attacks, humanity's collective password is still '123456' and our willingness to click before thinking remains the hacker's most reliable key to the kingdom.

05 · Category

Organizational Preparedness27 stats

01
82% of boards have cybersecurity on agenda quarterly in 2023
02
88% of organizations tested incident response plans in last year per 2023 survey
03
Only 24% of orgs have mature zero-trust architecture in 2023
04
51% of companies lack formal cybersecurity strategy in 2023
05
76% increased cybersecurity budgets by 10%+ in 2023
06
43% of orgs experienced skills gap in cybersecurity in 2023
07
MFA implemented by 76% of enterprises but only 30% enforced everywhere 2023
08
94% of orgs encrypt sensitive data but 52% lack key management 2023
09
62% conducted cyber drills in 2023, up from 52% prior year
10
Only 37% have AI governance for security tools in 2023
11
71% of CISOs report to CEO directly in 2023 large firms
12
55% integrated cyber into enterprise risk management 2023
13
68% use threat hunting proactively in 2023
14
Backup testing done quarterly by 49% of orgs in 2023 ransomware prep
15
83% prioritize supply chain security vetting in 2023
16
SOC staffing shortages affect 47% of teams in 2023
17
65% have cyber insurance covering 50%+ of potential losses 2023
18
Patch management automated in 72% but 28% lag >30 days 2023
19
59% benchmark cyber maturity annually in 2023
20
Third-party risk assessments quarterly for 54% in 2023
21
77% monitor dark web for leaks in 2023 enterprises
22
Resilience testing passed by 41% of orgs in 2023 exercises
23
66% have dedicated cyber budget >5% of IT spend 2023
24
Employee offboarding security checks 89% compliance 2023
25
52% use deception tech like honeypots in 2023
26
CISO tenure averages 3.5 years in 2023 amid burnout
27
61% collaborate with law enforcement post-incident 2023
Interpretation

Organizational Preparedness Interpretation

Despite feverishly rehearsing for the digital apocalypse, most organizations are still forgetting to lock the door and hide the key, leaving their expensive cybersecurity theater with more plot holes than a straight-to-streaming thriller.
Reference

Cite This Report

This report is designed to be cited. We maintain stable URLs and versioned verification dates. Copy the format appropriate for your publication below.

APA
Kevin O'Brien. (2026, February 13). Cybersecurity Statistics. Gitnux. https://gitnux.org/cybersecurity-statistics
MLA
Kevin O'Brien. "Cybersecurity Statistics." Gitnux, 13 Feb 2026, https://gitnux.org/cybersecurity-statistics.
Chicago
Kevin O'Brien. 2026. "Cybersecurity Statistics." Gitnux. https://gitnux.org/cybersecurity-statistics.