Skip to main content

Year-end 2021 Cybersecurity Report

By December 6, 2021Cyber Security

Throughout 2021, we have seen cybersecurity become a growing concern for businesses of all sizes – In fact, Gartner predicts that businesses will spend more than $170.4 billion on enterprise security by 2022. Despite this heavy investment, we are still seeing hackers enter systems at an alarming rate – Criminals are breaking into systems with relative ease and on a regular basis. This can largely be attributed to the fact that many organizations continue to neglect the effective and recurring security awareness training required for any program to be effective. Remote work has added to these issues by increasing the cybersecurity skills gaps, and the growth of IoT devices has not helped either. 

Understanding the following cybersecurity stats and metrics for 2021 is useful for communicating why implementing cybersecurity measures is important. Read on to find out more: 

Key Cybersecurity Statistics of Note for 2021

Cybercrime is up almost 600% due to the COVID-19 pandemic

There has been a huge uptick in cyberattacks, largely due in part to the COVID-19 pandemic. Some additional facts statistics to note include:

  • The IDC predicts there will be 55.7 billion connected devices by 2025, of which 75% of these will be comprised of IoT;
  • Cisco Data estimates that DDoS attacks will grow to 15.4 million by 2023, more than double the number from 2018;
  • High data breach costs in the United States, with an average attack costing around $8.6 million.

Cybersecurity Statistics in Canada

To no one’s surprise, Canada is not immune from the onslaught of cyberattacks we have witnessed throughout 2021. Some key statistics of note include:

  • 3 in 10 Canadian organizations observed a spike in cybercrime during the pandemic; 
  • Nearly 25% of small businesses targeted by cybercriminals;
  • Over 80% of businesses are hit by phishing scams and 50% by malware.

Poor Cybersecurity Practices

Despite large investments in enterprise security tools, we are continuing to see poor practices and procedures plague security programs. Some important statistics of note include:

  • Nearly 95% of cybersecurity breaches are a result of human error;
  • On average, only 5% of company folders are properly protected;
  • Over 77% of organizations do not have a cybersecurity incident response plan.

Malware Statistics 

Ransomware has dominated headlines throughout 2021 and has become one of the most popular types of malware by far. It has been particularly damaging to organizations throughout the pandemic. Some important statistics of note include:

  • Ransomware involved in nearly 21% of ALL breaches – The ransomware industry has ballooned to a staggering $14 billion in 2021;
  • Particularly troubling is the frequency with which organizations are paying ransoms – 32% of affected organizations paid ransoms in 2021, but only 8% of them received their data in return;
  • It is predicted that a business will fall victim to a ransomware attack every 11 seconds in 2021.

Key Trends and Takeaways

The Supply Chain as a Weak Link

Recent high-profile attacks on Kaseya or SolarPipeline have shown us that the supply chain has become a magnet for cyber breaches – 97% of all firms have been impacted by a cybersecurity breach in their supply chain. Additionally, supply chain attacks rose by 42% in the first quarter of 2021 alone. Ultimately, this tells us that we need to heighten government and industry initiatives and place a greater emphasis on securing operational technology (OT) systems.

We need to Secure our IoT devices 

The integration of millions of devices in our lives has created a huge cybersecurity challenge for people, businesses, and governments. By nature, these devices transmit and store data, making them the perfect target for cybercriminals. Simply put, each and every IoT device represents an attack surface that can be a potential avenue into your organization.

We need stronger and more effective Security Awareness Training

We have repeatedly seen that the weakest link in many enterprise systems is the people. In this respect, it is critical that an organization deploy regular and effective security awareness training as a vast majority of all breaches start at the end-user.

With this in mind, it might be worth partnering with a reputable cybersecurity company like Stratejm, who can lend their expertise and properly educate your employees on cybersecurity best practices and hygiene. Contact us today to find out about how we can help identify gaps in your enterprise network.