Securing privileged accounts and credentials must be at the top of the enterprise security agenda, and we’ve previously highlighted five top reasons why on CyberArk’s blog, which outlines key areas in cyber statistics. With the launch of a new year, it’s a good time to be mindful of the lessons learned in 2016, especially when it comes to cyber statistics. The cyber security industry is chock-full of reports and surveys that continually provide new insights and stats. Privilege is the road most traveled in advanced attacks – that remains a constant. The sophistication of breaches, the amount of data stolen or compromised, the cost of remediation etc. continues to evolve and advance. Here is a sampling of stats to consider:
- In 2016, the average annual loss per company worldwide was $9.5 million.
- In the first half of 2016, 3,046,456 data records were stolen or lost every day; 126,936 data records were stolen or lost every hour; 2,116 were stolen or lost every minute and 35 were stolen or lost every second.
- Cyber crime will cost businesses over $2 trillion by 2019.
- The average cost of a data breach will exceed $150 million by 2020.
Attackers Will Get In, and They Will Take the Easiest Route
- Attackers sending as few as 10 phishing emails have a 90% success rate.
- Thirty percent of phishing emails get opened, and the #1 delivery vehicle for malware is email attachments.
- In 93% of cases, it took attackers minutes or less to compromise systems.
Ransomware Is On the Rise
- $209 million = FBI’s estimate of dollars lost to ransomware attacks in Q1’16.
- $1 billion = Estimated total cost of damages related to ransomware attacks using cryptographic file-locking software in 2016.
- Nearly 50% of organizations have been targeted with ransomware.
- The average ransom demand is $679.
Beware the Insider Threat
- By 2017, 41% of workers will be temps, contractors or consultants.
- Sixty-nine percent of organizations have experienced attempted or successful data theft or corruption by corporate insiders during the last 12 months.
- Organizations face four major insider threats: The Exploited Insider, the External “Insider,” the Malicious Insider and the Unintentional Insider.
What does your organization have in place to mitigate the risks of a cyber attack? Have you tested your incident response plan? How’s your cyber hygiene – patching, rotating and isolating sessions? How many privileged accounts does your organization have? This is a figure you should know. Now is the time to find out. Contact Layer 8 Security to see how we can help.