The Ultimate List of Cybersecurity Statistics (2022)
Cybersecurity is a multi-billion dollar industry built around a singular concept: protecting data at all costs.
Data lets consumers bank, shop, and send messages from anywhere in the world. But in the hands of bad actors, data can compromise millions of people’s private information and cost companies millions of dollars in damages.
From government and healthcare to social media and eCommerce, virtually every industry needs cybersecurity. As cybercriminals develop new threats, security providers must adapt and innovate with new solutions.
Here is the state of cybersecurity around the world in 2022.
- Top Cybersecurity Stats
- Cybersecurity Market Statistics
- Cybersecurity Workforce Statistics
- Cybersecurity Threat Statistics
- Cybersecurity Compliance Statistics
Top Cybersecurity Stats
For an overview of the world of cybersecurity today, start with these 7 new cybersecurity statistics:
- The global cybersecurity market is worth $217.9 billion
- The cybersecurity industry is projected to hit $345.4 billion by 2026
- The average cybersecurity salary in North America is $119,898
- 57% of companies have a cybersecurity skills shortage
- Data breaches lead to an average of $4.24 million in damages
- Half of Americans believe it’s impossible to protect their private data online
- Data privacy regulations will protect the data of 65% of the world’s population by 2023
Keep reading to see all 35 cybersecurity statistics.
Cybersecurity Market Statistics
At its core, the multi-billion dollar cybersecurity market is made up of software, hardware and services all designed to protect sensitive data from malicious attacks and breaches. High-growth market segments like automotive cybersecurity, “security-as-a-service”, and cyber insurance are pushing the market into exciting new directions.
The global cybersecurity market is worth $217.9 billion (Markets and Markets)
Protecting sensitive user data, detecting and eliminating threats, and investments in cybersecurity infrastructure across every major industry all contribute to cybersecurity’s massive market size. And demand for cybersecurity solutions (in the form of people and software) is expected to increase in the future.
The global cybersecurity market is projected to hit $345.4 billion by 2026 (Markets and Markets)
The latest research predicts the global cybersecurity market to have a 9.7% compound annual growth rate (CAGR). Drivers behind the market’s future growth include stricter compliance regulations, the growth of the Internet of Things (IoT) market, and responses to more sophisticated cyber threats.
Microsoft has pledged to invest $20 billion in cybersecurity measures over the next 5 years (CNBC)
After a series of massive cyberattacks in 2021— SolarWinds, Microsoft Exchange, and Colonial Pipeline to name a few—several US tech giants met with the White House to discuss plans to bolster security measures. Microsoft committed to quadrupling its cybersecurity investments. Google announced plans to invest $10 billion over that same timeframe while training an additional 100,000 Americans in IT support and data analytics.
The global automotive cybersecurity market is expected to hit $8.4 billion by 2025 (McKinsey)
As the automotive industry becomes more high-tech, it’s expressing a greater need for cybersecurity solutions. The market is poised to grow 68% from its 2020 $5 billion valuation by 2025. By 2030, the market could be worth as much as $9.7 billion.
The endpoint security market is poised to generate $11.2 billion in revenue in 2022 (Radicati)
Endpoint security—security involving personal devices like computers, tablets, and smartphones—is a growing cybersecurity sub-market. Fueled by growing public concerns about data breaches and privacy, this market will likely surpass $20 billion in revenue in 2026.
The average venture capital funding deal for cybersecurity companies is $31.8 million (Crunchbase)
The number of cybersecurity venture capital deals went down overall in 2021, but their average value went up. The 686 deals completed last year totaled $21.8 billion in investment funding.
The global security as a service (SECaaS) market could be worth $22.6 by 2026 (Mordor)
Demand for SECaaS solutions is bolstered by the growing need for more secure email solutions to avoid phishing scams and other cyber threats. While North America represents the largest SECaaS market, Asia-Pacific will see the fastest growth over the next several years. Overall, the SECaaS market is expected to grow by over 16% each year.
Corporate web security solutions could generate over $5 billion in revenue (Radicati)
Corporate web security solutions keep corporate employees and their data safe from cyber-attacks. Industry leaders like Cisco, McAfee, and Symantec dominate the market, but there’s also room for startups to compete by offering specialized or niche services. Total revenue is projected to more than triple, from $2.5 billion in 2016 to $7.9 billion in 2025.
65% of B2B technology buyers say data security and data privacy are top considerations when purchasing new tech (Trust Radius)
Of the 1,134 B2B tech buyers surveyed by Trust Radius, 3 out of 4 said that security concerns led them to do extra product research before taking any further action. Over a quarter said that security concerns led them to consider fewer products.
Organizations are considering implementing Zero Trust architecture more than any other cybersecurity solution (IDG)
Zero Trust architecture is built on the philosophy of removing implicit trust from every level of an organization’s IT structure. Zero Trust creates multiple layers of protection within user networks, an aspect with increased demand since the great shift toward remote work.
The global cyber insurance market is worth $11.4 billion (Mordor)
Companies can face potentially staggering financial losses in the wake of a cyber attack. Cyber insurance is designed to help mitigate those losses. The relatively new market is forecast for a huge 25% annual growth rate between now and 2026.
Searches for “Cyber insurance” are up 66% over the past five years.
Cybersecurity Workforce Statistics
The world’s available cybersecurity workforce hasn’t been able to keep up with rising security demands. That opens up greater opportunities for those looking to pursue a career in cybersecurity. But for established security professionals, the workforce gap means being overworked.
More than 1 million Americans belong to the cybersecurity workforce (ICS2)
North America represents the largest cybersecurity market worldwide, so it’s no surprise that the US has its largest workforce. In fact, the American cybersecurity workforce is larger than all European countries’ workforces combined.
The average cybersecurity salary in North America is $119,898 (ICS2)
Cybersecurity professionals in the United States and Canada enjoy the highest industry salaries in the world. Europe has the 2nd-highest average salary ($78,618) while Latin America remains far behind ($32,637).
77% of cybersecurity professionals report that they enjoy their jobs (ICS2)
Among cybersecurity workforce demographics, Millennial and Gen Z security professionals reported the highest levels (79%) of job satisfaction. Job satisfaction was higher in medium and large companies and in the retail, manufacturing, and construction verticals.
Lack of security oversight by other teams is the top concern for global cybersecurity professionals (Issa)
While close to 80% of cybersecurity professionals are happy with their jobs, certain aspects of their job are notably stressful. Other top stressors were working with disinterested managers, overwhelming workload, and responding to constant emergencies and interruptions.
Over half of cybersecurity professionals aged 39 and older began their careers in IT (ICS2)
Most older professionals transitioned into their security roles. For Millennial and Gen Z professionals, the paths to cybersecurity careers were more varied—while 38% transitioned from other IT roles, 21% pursued a degree in cybersecurity and 19% were self-taught.
Searches for “cybersecurity jobs” have more than doubled in the past 5 years.
Certified cybersecurity professionals earn 56% more than their non-certified colleagues (ICS2)
The average global salary for certified cybersecurity professionals is $91,727. For those without certification, that number drops to $58,775.
57% of companies have a cybersecurity skills shortage (ESG)
Finding qualified cybersecurity professionals is a growing concern, according to ESG’s July 2021 Life of Cybersecurity Professionals report. In fact, 44% of the 389 surveyed professionals say the skills shortage has gotten worse over time. Knowledge areas with the greatest skills shortages are cloud computing security, security analysis and investigations, and applications security.
The American cybersecurity workforce has a shortage of 377,000 workers (ISC2)
The cybersecurity workforce gap in the US has narrowed since the pandemic, but there’s still a significant demand for cybersecurity professionals at American companies. The rise of remote work could push demand for cybersecurity skills even higher.
Cybersecurity Threat Statistics
The number of cyberattacks around the world increases every year. High-profile data breaches as companies like Facebook, LinkedIn, and Yahoo have soured the public’s trust over the way organizations handle sensitive data. But while trust may be at an all-time low, users are connecting and interacting online more than ever.
Phishing scams are the leading cause of ransomware attacks (Datto)
Ransomware is the most frequently occurring type of malware attack. Datto’s survey of over 1000 managed service professionals found phishing emails to be the leading cause. Other significant malware vulnerabilities were poor user practices, lack of cybersecurity training, and weak passwords.
Only 63% of adults understand what the term “phishing” means (ProofPoint)
ProofPoint’s 2021 State of the Phish report reveals just how cybersecurity-illiterate most of the world’s adult population is. In that survey, less than a third of respondents were able to correctly define the terms “ransomware”, “vishing” and “smishing”. Less than two-thirds could correctly define “malware.”
165K people research “phishing” on Google every month.
Data breaches lead to an average of $4.24 million in damages (IBM)
The average cost of data breaches varies significantly across different industries. The healthcare industry has the highest average cost at over $9 million. On the opposite end of the spectrum, public sector data breaches average just under $2 million in damages.
American companies suffer the greatest financial losses from data breaches (IBM)
The average cost of a data breach for US-based companies is $9 million. Companies in the Middle East pay an average of just under $7 million per data breach, while Canadian companies average $5 million in damages.
53% of global data breaches are financially motivated (IBM)
Financially motivated data breaches account for over half of all data breaches worldwide. State-sponsored attacks and attacks by hacktivists each make up 13% of total data breaches. The motivations behind the remaining 21% of attacks are unknown.
Half of Americans believe it’s impossible to protect their private data online (Norton)
Despite that belief, 73% of Americans report spending more time online today than they did in the past. For many, it’s a tradeoff: 71% say they accept some security risks in exchange for more convenience. They’re more careful about their online activity, however, with 79% reporting taking extra precautions to avoid malicious cyber attacks.
Internet users are getting more diligent about data protection. Searches for “password manager” average 450K every month.
Two-thirds of the world’s adults believe that companies have too much control over their personal data (YouGov)
Concern over data privacy is common across the globe but varies significantly across countries. 75% of adults in the UK and Spain say they’re concerned about data privacy. American adults are 33% more likely than adults in Sweden to have similar concerns.
German citizens are more than twice as likely to have their personal data leaked than UK citizens (DLA Piper)
Germany had 77,747 personal data breaches between May 25th, 2018 and January 27th, 2021 compared to the UK’s 30,536 breaches. The Netherlands had 66,527 personal data breaches over that same span, equal to one data breach for every 257 citizens.
62% of American data breaches lead to C-level executives’ resignation or termination (Shred-It)
Data breaches are often met with swift consequences within American companies. 40% of breaches led to legal issues, 38% to staff terminations, 27% to reputation damage, and 16% to financial losses.
Cybersecurity Compliance Statistics
In response to mounting cyber threats, governments develop new compliance standards to regulate the way corporations approach data privacy and security. The EU’s GDPR is possibly the most stringent compliance regulation in the world. Compliance is a significant investment for most companies and a lucrative opportunity for security providers.
Over a quarter of global companies need more than a month to make their cloud infrastructure compliant (Fugue)
While nearly half of companies report being able to reach cloud infrastructure compliance standards within a week or less, 27% need more than a month. Fugue’s survey of over 300 cloud security professionals found that 3% say it will take a year or more to become compliant—if it even happens at all.
Data loss and data privacy are the biggest concerns among cloud security professionals (ISC2)
Over 60% of cloud security professionals reported that both data loss and data privacy were major concerns. Over 40% reported concerns about accidental credential exposure, regulations, compliance, transparency, and visibility.
69% of managed service providers (MSPs) say their customers struggle with compliance regulations (Kaseya)
Adhering to cybersecurity compliance guidelines is critical for companies to avoid costly fines. While over two-thirds of MSPs are aware of their clients’ compliance needs, only 56% currently offer compliance services.
HIPAA compliance regulations impact 79% of North American MSPs (Kaseya)
HIPAA compliance is currently the biggest challenge for MSPs in the US, Canada and Puerto Rico. In Europe, the Middle East, and Africa, MSPs are most impacted by GDPR compliance regulations.
31% of global organizations say compliance is a roadblock in migrating to cloud infrastructure (ISC2)
Compliance regulations outranked solutions maturity, sunk cost into existing infrastructure, and limited control over encryption keys as the main hurdle in moving onto the cloud.
Amazon Europe’s €746 million fine was the largest GDPR violations fine in history (Statista)
The EU is known for having the strictest data privacy compliance regulations, and Amazon got hit with the EU’s largest fine to date in July of 2021. The €746 million fine was over three times larger than the next-largest fine — Whatsapp Ireland’s €225 million fine in September 2021.
Data privacy regulations will protect the data of 65% of the world’s population by 2023 (Gartner)
In 2010, data privacy regulations only covered around 10% of people’s data worldwide. But by next year, regulations will protect nearly two-thirds of the global population.
A cybersecurity ecosystem is an interconnected group of stakeholders. Users, governments, companies and service providers all influence and are influenced by each other.
As an industry, cybersecurity looks to continue its strong growth far into the future. Companies need to invest more capital in security infrastructure to protect their data from attacks. Also, demand for skilled professionals is on the rise.
Across the world, internet users are growing more concerned about data privacy. Governments issue new standards and regulations to help protect their citizens, leading to even more demand for cybersecurity solutions. The result is a market that’s constantly evolving as it works to stay ahead of future threats.