Cybersecurity Statistics for 2018

Here are the sources of the statistics used on our website:

Did you know ?

77% of organisations in the world were victimized by one (or more) successful cyberattack in 2017.
2018 Cyberthreat Defense Report. Cyberedge Group. (p. 3)
https://cyber-edge.com/wp-content/uploads/2018/03/CyberEdge-2018-CDR.pdf

48% of breaches featured hacking.
2018 Data Breach Investigations Report. Verizon. (p. 5)
https://www.verizonenterprise.com/resources/reports/rp_DBIR_2018_Report_en_xg.pdf

50% of web application attacks were SQL Injection in the 4th quarter 2017.
State of the Internet / Security – Q4 2017 Report. Akamai. (p. 17)
https://www.akamai.com/us/en/multimedia/documents/state-of-the-internet/q4-2017-state-of-the-internet-security-report.pdf

 

SECURITY AUDITS – PENTESTS

On average, data breaches were identified after 191 days.
2017 Cost of Data Breach Study. Ponemon Institute. (p. 3)
https://www-01.ibm.com/common/ssi/cgi-bin/ssialias?htmlfid=SEL03130WWEN

 

Who are the targets of web attacks?

28% of breaches involved internal actors.
2018 Data Breach Investigations Report. Verizon. (p. 5)
https://www.verizonenterprise.com/resources/reports/rp_DBIR_2018_Report_en_xg.pdf

23% of Small and Medium-Sized Businesses had a data breach or security incident due to the use of the Internet of Thing in 2017.
2017 State of Cybersecurity in Small and Medium-Sized Businesses (SMB). Ponemon Institute. (p. 17)
https://keepersecurity.com/fr_FR/2017-State-Cybersecurity-Small-Medium-Businesses-SMB.html

12% of breaches involved privilege misuse.
2018 Data Breach Investigations Report. Verizon. (p. 5)
https://www.verizonenterprise.com/resources/reports/rp_DBIR_2018_Report_en_xg.pdf

76% of breaches were financially motivated (+3 points vs. 2017).
2018 Data Breach Investigations Report. Verizon. (p. 5)
https://www.verizonenterprise.com/resources/reports/rp_DBIR_2018_Report_en_xg.pdf

 

Does web security concern you?

Organisations who were victimized by one (or more) successful cyberattack increased of 15 points, from 62% to 77% between 2013 and 2017.
2018 Cyberthreat Defense Report. Cyberedge Group. (p. 3)
https://cyber-edge.com/wp-content/uploads/2018/03/CyberEdge-2018-CDR.pdf

17% of breaches were social attacks.
2018 Data Breach Investigations Report. Verizon. (p. 5)
https://www.verizonenterprise.com/resources/reports/rp_DBIR_2018_Report_en_xg.pdf

+10% of web application attacks between the 4th quarter 2016 and the 4th quarter 2017.
State of the Internet / Security – Q4 2017 Report. Akamai. (p. 2)
https://www.akamai.com/us/en/multimedia/documents/state-of-the-internet/q4-2017-state-of-the-internet-security-report.pdf

SOCIAL ENGINEERING AUDITS

Almost 25% of clicks on phishing e-mails occur within 5 minutes of receiving the message *
The human factor – 2018. Proofpoint. (p. 10)
https://www.proofpoint.com/sites/default/files/pfpt-us-wp-human-factor-report-2018-180425.pdf

Are you concerned with social engineering?

95% of web attacks involve social engineering.
The human factor – 2018. Proofpoint. (p. 14)
https://www.proofpoint.com/sites/default/files/pfpt-us-wp-human-factor-report-2018-180425.pdf

A strong trend of e-mail attacks is to create a false e-mail exchange history: this increased by 50% compared to the previous year, reaching 11% of all e-mail fraud attempts at the end of 2017.
The human factor – 2018. Proofpoint. (p. 16)
https://www.proofpoint.com/sites/default/files/pfpt-us-wp-human-factor-report-2018-180425.pdf

False invoices/bills are the primary pretext for sending malwares by e-mail.
Internet Security Threat Report. Volume 23. Symantec. (p. 69)
https://www.symantec.com/content/dam/symantec/docs/reports/istr-23-2018-en.pdf