20 Cybersecurity Stats to Guide Your Identity Strategy in 2021

20 Cybersecurity Stats to Guide Your Identity Strategy in 2021

MJ Kaufmann

MJ Kaufmann

Security Specialist

Cybercrime is rapidly rising. Bad actors, malicious insiders, and more threaten your organization’s  people, assets, and cloud-based infrastructure. How will you respond? 

The pandemic forced the digital age into full bloom. In this modern era, no organization or industry is immune to cyberattacks and data breaches. Even the healthcare industry — long considered a bastion of safety — is facing increased pressure. Strong cybersecurity policies and processes can combat this growing threat and help businesses achieve success. Developing a comprehensive identity and security strategy is essential to your company’s sustained success.

Here are 20 key statistics that you need to help you chart your cybersecurity course now and in the future.

Cybercrime Is On the Rise

    1. In 2020, hacking was involved in 45% of data breaches, and over 80% of those hacking breaches involved brute force or the use of lost or stolen credentials.
    2. A surprising fact is that 75% of companies that found themselves infected with ransomware were running up-to-date endpoint protection
    3. Varonis reports that there are approximately 7 million data records compromised each day, and 56 records compromised each second. This means that in the average year (365 days), based on the number of daily breaches, there are about 2,555,000,000 (2.55 billion) records exposed annually.

      Varonis reports that there are approximately 7 million data records compromised each day.

  1. A staggering 94% of organizations have experienced a data breach and 79% were breached within the last 2 years according to Identity Defined Security Alliance (IDSA)’s study Identity Security: A Work in Progress.
  2. SolarWinds became an example after over 18,000 customers including government agencies and Fortune 500 companies were impacted by a sophisticated supply chain attack.
  3. SolarWinds was not alone as a target as open-source software supply chain attacks surged by 430%.

No One Is Immune to Cyber Threats

  1. With more people home and spending a greater amount of time online, gaming platforms have experienced a 39% increase in attacks along with a 26% rise in attacks against retail and travel as well as a 16% increase for tech platforms. 
  2. New data shows that cyberattacks have risen by 45% since November, more than doubling the increase of 22% against all other industries in the same time period. This is alarming with Experian showing 90% of the breaches they serviced were healthcare or telehealth related. 
  3. IoT is more prevalent than ever from smart appliances to medical IoT devices. IoT has a reputation for being vulnerable and a 2020 report serves to reinforce this, by highlighting:
    • 98% of traffic from IoT devices is unencrypted
    • 72% of healthcare organizations use the same Virtual LAN (VLAN) to combine traffic from IoT and IT assets
    • 57% of IoT devices have active vulnerabilities to medium- or high-severity attacks
    • 41% of attacks target device-specific vulnerabilities
A 2020 report highlights IoT’s wide range of vulnerabilities.

Cybersecurity Is Key to Business Success

  1. Cybersecurity is a direct contributor to business success according to 73% of organizations surveyed by AT&T. 
  2. Cybersecurity efforts yield direct savings of over $1.4 million per attack according to Ponemon Institute and Deep Instinct. Their study shows savings can be up to 82% of the costs associated with managing the full cybersecurity lifecycle.
  3. Despite the benefits that can be realized from cybersecurity, organizations struggle with staffing positions. ISACA research shows 62% of Organizations’ cybersecurity teams are understaffed, 57% have unfilled positions.
Organizations struggle with staffing cybersecurity positions.

Remote Work Vulnerability Must Be Addressed

  1. Productivity increased by 47% YoY despite work from home culture yet, Forrester, citing the persistence of remote work, predicts that internal incidents will be responsible for 33% of breaches in 2021.
  2. IoT attacks have risen by 35% to target residential areas and remote workers according to Microsoft. Securing the remote worker is more critical now than it has ever been.
  3. The average organization has over 51 business-critical applications and 56% of these are accessible to remote workers via mobile devices, increasing overall access by 59%. 
  4. Despite the high consequences of a privileged account breach, companies across the globe are not implementing stringent enough security measures to protect them. 49% of organizations have at least some users with more access privileges than are required for them to do their job.

Comprehensive Identity Governance Is Essential

  1. Organizations have blind spots in their security. With 64% of professionals reporting they don’t know all of the web apps and endpoints for their organization and 68% reporting they still feel their level of visibility is “average” for the industry.
  2. 60% of professionals indicated that a lack of visibility into end-user access of sensitive and confidential information is one of the biggest impediments to IT security response. 46% of these respondents also concluded this lack of visibility into third-party access was also a major impediment.
  3. Maintaining identity protection is crucial as the pandemic has escalated credential theft attacks by 55%.
  4. Access management is fraught with many challenges primarily including: 
    • Lack of automation (43%)
    • Lack of skilled staff (41%)
    • Not utilizing available technologies (33%)
    • Password management and authentication (31%)
    • Detection and/or mitigation of insider threats (30%)
    • Cloud migration (30%)
    • Increasing use of mobile devices (30%)
Information from 2020 Identity Access Management Report
sponsored by Simeio

The numbers don’t lie. Cybercrime is more prevalent than ever before as security teams face challenges from every corner of their organization. But, cyberattacks aren’t insurmountable, and many are preventable. Bringing cross-application visibility and comprehensive identity access and governance  to your IT ecosystem is a vital step to building a successful security program. 

Schedule a Demo

Ready to see our solution in action?
Sign up for your demo today.