15 Cybersecurity Statistics Summarizing the Intense Year the Community had in 2018

If there was a common denominator across the cybersecurity community in 2018, it was this:  everything got more intense.

The volume of attacks, breaches and associated costs all grew in some way, shape or form. Similarly, so did the market, the tools, and methods for defending the enterprise.

We looked at the figures published over the course of the last 12 months that stood out among the many made available to summarize the year in review. A neatly-organized list of 15 cybersecurity statistics that summarize the year 2018 in review follows below.

1) The cybersecurity industry continues to grow, rapidly.

“The cybersecurity market is expected to grow from USD 152.71 billion in 2018 to USD 248.26 billion by 2023, at a compound annual growth rate (CAGR) of 10.2% during 2018–2023.”

Read more: Cybersecurity Market Expected to be $248.26 billion by 2023

2) Security conferences demonstrate industry growth.

The Black Hat conference is a good illustration of just how much the cybersecurity industry has grown. The six-day conference has doubled in size since 2014, according to the Las Vegas Review-Journal. The publication reported this year’s show attracted some 17,000 cybersecurity professionals, including 300 exhibitors, who collectively offered 80 sessions and 120 briefings.

Read more: 96+ Articles, Blogs and Links that Summarize the Black Hat Conference 2018

3) A staggering year in breaches.

The first nine months of 2018 have not been easy in cybersecurity circles. Reporting indicates that while breaches and records exposed are down slightly, the statistics are still staggering: 3,676 breaches and 3.6 billion compromised records, according to Dark Reading. The full year numbers are still being tabulated as this post was being published – and may not include recent breach disclosures.

Read more: The Mixed Forecast for Cybersecurity during Black Friday and Cyber Monday

4) Financial sector discloses 3x breaches.

“Between January and August this year, financial firms disclosed three times as many breaches as they did in the same period in 2016—103 in 2018 compared to 37 two years ago. The top three breaches alone this year compromised more records than the 64,512 records exposed in all of 2016.”

Read more: Financial Sector Data Breaches Soar Despite Heavy Security Spending

5) The cost of a breach rose 6.6%.

“The average cost of a data breach has risen to $3.86 million, according to a new report from IBM. The latest version of its annual report shows a 6.6 percent increase in costs; including direct losses, indirect costs related to time and effort in dealing with a breach, and lost opportunities such as customer churn as a result of bad publicity.”

Read more: What is the cost of a data breach?

6) A long road to breach recovery.

“It took Equifax 76 days to detect the massive 2017 data breach, despite the fact that attackers had conducted roughly 9,000 unauthorized queries on its databases, according to a new report from the U.S. Government Accountability Office (GAO).”

Read more: Attackers Made 9,000 Unauthorized Database Queries in Equifax Hack

7) Many attacks are still initiated by email.

“Email is still the problem,” reported Josh Fruhlinger for CSO. He notes, “according to Verizon’s 2018 Breach Investigations report, 92 percent of malware is still delivered by email.”

Read more: Top cybersecurity facts, figures and statistics for 2018

8) It took 38 days to patch a vulnerability.

“It took an average of 38 days for an organization to patch a vulnerability, regardless of its level, and 34 days for an organization to patch its most critical CVEs…The less severe the vulnerability, the longer the time frame. Medium severity vulnerabilities took an average of 39 days to patch; low-severity flaws took an average of 54 days. The oldest unpatched CVE took nearly a year – 340 days – to address.”

Read more: It Takes an Average 38 Days to Patch a Vulnerability – and also see The Race Against Time Between Vulnerability and Patch

9) Hybrid environments experience more security incidents.

A study that examined 147 petabytes of data over a year and one-half and found: “Hybrid cloud environments experienced the highest average number of incidents per customer at 977, followed by hosted private cloud (684), on-premises data center (612), and public cloud (405).”

Most of the respondents (62%) in that study would like positive control of network traffic and data for security purposes; many “settle for awareness of network traffic and data.”

Read more: The Multi-Million Dollar Question: Who owns cloud security?

10) One million cybersecurity alerts per day.

We often hear that security teams are overwhelmed by alerts, but how many is overwhelming? A trio of studies puts this into a range of between 10,000 and 100,000 per day. Some experience upwards of 1 million security alerts per day.

Read more: How Many Daily Cybersecurity Alerts does the SOC Really Receive?

11) Most organizations use 25-50 cybersecurity tools.

Cybersecurity organizations tend to keep the type and number of security tools they use confidential for obvious reasons. However, some benchmarks from 2017 that resurfaced last year suggest most organizations use between 25 and 50 tools. However, one of those studies found that 9% of financial services organizations are using more than 100.

Read more: How Many Security Tools Does the SOC Have?

12) Detecting unknown threats is the top challenge for SOCs.

A study of 300 security and IT professionals found 70% said detecting unknown threats that are already hiding inside the enterprise is the top challenge facing security operations centers (SOCs). The survey provided several other benchmarks including:

  • 14% of SOC personnel are involved in threat hunting tasks and they spend about 22% of their time proactively hunting threats and 43% spent reacting;
  • Organizations invest an average of $550,000 to identify and stop advanced threats; it’s not uncommon for larger organizations to invest up to $6-8 million dollars; and
  • A threat hunting platform drops dwell time from 38 days to 15.

Read more: 5 Useful Benchmarks on Threat Hunting for the Security Operations Center

13) Threat hunting teams with the right tools find threats 2.5x faster.

Just 40% of cybersecurity organizations say they conduct threat hunting today according to a survey. However, six out of every 10 respondents say their organizations have plans to build out threat hunting programs over the next three years. Interestingly, the report found those with the right tools were able to identify threats 2.5x faster.

Read more: Threat Hunting is Growing Up in the SOC, Study Finds

14) Cybersecurity costs U.S. businesses $760 per employee.

A fascinating study found, “an organization of 2,500 employees in the United States can expect to spend nearly $1.9 million per year for cybersecurity-related costs (that’s nearly $760 per employee). While the costs are lower in most of the other countries that we surveyed, the global average exceeds $1.1 million for a 2,500-employee organization.”

Read more: White hat, black hat, and the emergence of the gray hat: the true costs of cybercrime

15) The average salary for a cybersecurity job.

The average salary for a core cybersecurity job can range from $75,000 for a specialist or technician – to $129,000 for a cybersecurity architect. In 2017, a separate study put the average CISO salary in the U.S. at $273,000 per year.

Read more: Demand for cybersecurity professionals continues to accelerate

* * *

What do you think? What statistics stood out for you this year? Tweet us up: @BricataInc

If you enjoyed this post, you might also like:
Simple but Effective Threat Hunting Tips from a Veteran Threat Hunter

*** This is a Security Bloggers Network syndicated blog from Bricata authored by ironcore. Read the original post at: