Key Takeaways
- 1.4% of global GDP is the estimate of gross losses from cybercrime, based on a 2023 report by the International Monetary Fund (IMF) using historical ransomware growth and other sources.
- 65% of breaches involved the human element (e.g., phishing, credential theft), according to Verizon’s 2024 Data Breach Investigations Report (DBIR).
- 73% of organizations use a firewall for perimeter security, according to Verizon’s 2024 DBIR technology/controls coverage data.
- The average cost of a data breach is $4.45 million globally, according to IBM Cost of a Data Breach Report 2023.
- $74 million is the average total cost of a data breach for organizations in the United States in 2023, per IBM’s Cost of a Data Breach Report 2023 (US average).
- 28% of breaches are caused by human error in 2023, per IBM Cost of a Data Breach Report 2023 breakdown.
- The global enterprise risk management (ERM) market is expected to grow to $8.4 billion by 2030, per a 2022 report by IMARC Group.
- The global governance, risk, and compliance (GRC) market is forecast to reach $25.0 billion by 2032, according to a 2024 report by MarketsandMarkets.
- The global cybersecurity market is projected to reach $345.4 billion by 2026, per a 2023 forecast by MarketsandMarkets.
- 41% of breaches were discovered by third-party reporting rather than internal monitoring, per IBM’s 2023 Cost of a Data Breach report (discovery method breakdown).
- 48 hours is the maximum initial incident notification deadline for some operators under NIS2 (initial notification).
- 72 hours is the final incident notification timeline for significant incident details under certain NIS2 conditions (where specified).
- The Federal Reserve’s supervisory stress tests apply to large banks with at least $100 billion in assets (capital planning stress tests).
Cyber risk is rising fast as most breaches involve people, stolen credentials, and high financial damage.
Related reading
01 · Category
Industry Trends21 stats
Industry Trends Interpretation
02 · Category
Cost Analysis14 stats
Cost Analysis Interpretation
03 · Category
Market Size12 stats
Market Size Interpretation
More related reading
04 · Category
Performance Metrics5 stats
Performance Metrics Interpretation
05 · Category
User Adoption1 stats
User Adoption Interpretation
Cite This Report
This report is designed to be cited. We maintain stable URLs and versioned verification dates. Copy the format appropriate for your publication below.
Thomas Lindqvist. (2026, February 13). Risk Management Industry Statistics. Gitnux. https://gitnux.org/risk-management-industry-statistics
Thomas Lindqvist. "Risk Management Industry Statistics." Gitnux, 13 Feb 2026, https://gitnux.org/risk-management-industry-statistics.
Thomas Lindqvist. 2026. "Risk Management Industry Statistics." Gitnux. https://gitnux.org/risk-management-industry-statistics.
Sources & references
24 datasets cited across this report · attribution is report-level
+10 additional datasets cited (not shown individually)

