• There are no suggestions because the search field is empty.
gray wave
Security | 3 min read

Top 10 Cybersecurity Facts for 2024

Josh Moore
Written by Josh Moore

As the world remains constantly connected, the risk of cyberattacks against businesses and individuals has never been greater. 

Just look at the many high-profile cyberattacks in recent years. MGM Resorts took a $100 million hit from a data breach. The city of Oakland, Cal., even had to declare a local state of emergency over a ransomware attack in early 2023. And the News section of the Cybersecurity & Infrastructure Security Agency (CISA) website is already loading up with warnings and statements in 2024. 

We could write up a massive list of these attacks, but the bottom line is businesses need to be more diligent than ever. To help, we’ve compiled the top 10 cybersecurity facts for 2024 — including some statistics that may surprise you. 

1. Small-to-Medium Businesses (SMBs) are More Likely Than Large Businesses to Experience a Data Breach 

According to the 2023 Data Breach Investigations Report conducted by Verizon, SMBs (fewer than 1,000 employees) experienced 699 incidents compared to the 496 of larger businesses (1,000 employees or more). This could be the result of smaller businesses having limited resources, falling short of necessary defenses.

2. Stolen Credentials are the No. 1 Way Attackers Breach an Organization 

Verizon’s report also noted that the top three ways in which attackers breach an organization are, in order, stolen credentials, phishing and exploitation of vulnerabilities. This is a great reminder of how important it is to set up multi-factor authentication, which helps prevent unauthorized access.

3. Phishing Remains a Top Threat 

Although Verizon’s report listed phishing as the second-most common method of data breaches for businesses, it’s the number one publicly reported cybercrime on the FBI’s most recent Internet Crime Report. Plus, 97% of chief information security officer respondents to Mimecast’s State of Email Security 2023 survey said they’d been targeted by email-based phishing attacks.  

This crime affects businesses and individuals across the board, and regular training is needed to keep everyone vigilant.

Learn More: 10 Ways to Spot Phishing Email Scams 

4. 95% of Data Breaches are from Human Error

Eight out of 10 respondents to Mimecast’s survey believe their company is at risk due to inadvertent data leaks by careless or negligent employees. The same report indicates that 95% of all data breaches are from human error. We can’t overstate the importance of regular cybersecurity awareness training, and we recommend conducting it at least two or three times each year.

5. Cybersecurity Breaches Take an Average of 212 Days to Detect  

Mimecast’s report indicated an average of 212 days to detect a data breach and an additional 75 days to contain it. That’s a full 287 days of your data and assets potentially falling into the wrong hands — doing untold damage to your organization in the process.

6. The Average Cost of a Data Breach in the United States is $9.48 Million

According to IBM’s most recent Cost of a Data Breach Report, the United States leads the world in the highest average cost of data breaches. Our $9.48 million is more than double the worldwide average of $4.45 million

And this isn’t just about internal fixes; did you know that you could potentially be sued if your data is breached? Mark that down as another reason preventive measures are so critical.

7. Tech Support Fraud is Rising 

The most recent FBI crime report showed an increase of tech support-related cybercrimes over the last four years. This is when a threat actor poses as a tech support representative and tricks people into giving away sensitive information. The troubling statistic emphasizes the importance of vetting supply chain vendors and only working with service providers you know and trust.

8. Ransomware Causes Costly Downtime 

Ransomware was responsible for 25% of cyberattacks on businesses according to IBM’s report, and the average ransomware cost rose to $5.13 million in 2023. But downtime is also a factor, as businesses crippled by an attack lose money when they’re not operating normally.  

For example, between 2018 and late 2023, downtime from ransomware attacks on the manufacturing industry cost the world economy $46 billion from downtime alone, according to research from Comparitech.

9. Artificial Intelligence (AI) Can Help … and Hurt 

The advancements in AI offer solutions and concerns for cybersecurity. On one hand, developers are creating AI tools to keep networks and assets secure by analyzing data and spotting questionable activity quickly, among other tactics.

On the other hand, how criminals might use generative AI to trick people can’t be ignored. Look at this recent nightmare where a finance worker paid $25 million to scammers who used deepfake technology pretending to be his company’s chief financial officer.

This is a huge topic in 2024, so bookmark our blog to stay up to speed.

10. Cybersecurity Training is Effective 

We’re strong advocates for frequent cybersecurity awareness training, and the numbers speak for themselves. IBM’s report noted employee training as the second-ranked factor that mitigated a data breach, with training lowering the average cost by $232,867. It’s not the only effective defense, but it’s one of the strongest.

How Vulnerable is Your Business? 

Cybercriminals will continue to evolve. Your business needs to evolve with them to stay ahead of possible attacks. Are you as ready as you think you are?

We want to help you get a clear understanding of where you stand in your cybersecurity risk. Click below to take a few minutes and answer some key questions, and we’ll send you your results with suggestions for next steps.

Sensitive data at risk

You May Also Like

These Stories on Security

Subscribe by Email