Cyber Security Statistics
Breakdown of Cyber Claims
Data Breaches: 73%
Privacy Breaches: 9%
Cyber Extortion (including Ransomware): 6%
Network Business Interruptions: 4%
Data Asset Protection: 2%
Regulatory Actions: 1%
Network Security Liability: 1%
Social Engineering Attacks: 1%
Dependent Network Interruptions: 1%
System Failures: 1%
Key Insights and Human Factors
An estimated 95% of cyber-attacks succeed due to human error, encompassing both ‘active’ errors, like someone opening a malicious email attachment, and ‘passive’ errors, such as using weak passwords.
A significant 20% of businesses and 14% of charities experienced at least one cybercrime in the preceding 12 months. That’s approximately 283,000 businesses and 29,000 registered charities affected.
Phishing remains the most common type of cybercrime, impacting 93% of businesses and 95% of charities that reported an incident.
Case Study: Malware Email Campaign
In a targeted attack on a financial services firm, 1,800 emails containing malware were sent under the guise of urgent invoices. Here is how the security layers performed:
Email Filtering: Blocked 1,750 emails (97% success rate).
Employee Awareness: Of the 50 that reached inboxes, 36 were ignored or reported.
Human Error: 14 attachments were clicked, releasing the malware.
System Defense: 13 of the 14 resulting installation attempts were blocked because the devices had up-to-date security patches.
Final Result: Only 1 device was successfully infected. It was detected and quarantined before the malware could spread.
Password Vulnerability
NordPass analyzed data from 44 countries and found that over 80% of the top 200 most commonly used passwords could be cracked in less than a second. The most popular passwords remain ‘123456’ and ‘password’.
CISO Perspective: 78% of Chief Information Security Officers (CISOs) in the UK agree that human error is their organisation’s biggest cyber vulnerability.