Think cybercrime won’t impact you personally? What about your business? The statistics tell a different story.
October is National Cybersecurity Awareness Month (NCSAM)– a fitting month to incite a little fear around the dangers of not being more vigilant when it comes to security. The aim of NCSAM is to “encourage personal accountability and proactive behavior in digital privacy, security best practices, common cyber threats and cybersecurity careers”.
There are hundreds of articles filled with tips about all the things you should do (and not do) to protect yourself. Unfortunately, the warnings are often ignored.
Here are 13 cybersecurity stats that will hopefully encourage greater awareness and action.
- The odds are good that your personal information has been compromised. According to IBM, data breaches have collectively leaked more than 11.7 billion records during the past three years alone. Source: USA Today
- It takes most companies months to detect and report a data breach. On average, companies take 197 days to identify a breach and 69 days to contain it according to IBM. By the time you’re notified, credit card details, passwords and personal information like social security numbers may already be compromised.
- In 2018, the Federal Trade Commission processed 1.4 million fraud reports totaling $1.48 billion in losses.
- According to a study by The University of Texas at Austin, emotional distress tops the list of consequences reported by fraud victims with 80% saying they experienced medium to high levels of distress.
- Juniper Research reports that cybercrime will cost businesses over $2 trillion in 2019.
- Ponemon Institute reports that 36% of the cost of a data breach comes from the loss of business stemming from diminished customer trust after a cyber incident. This is the equivalent of $1.44 million.
- The 2019 Verizon Data Breach Investigations Report found that 29% of breaches involved the use of stolen credentials and 32% of breaches involved phishing.
- A Logmein study found that 91% of people know reusing passwords is poor practice, but 59% still reuse their passwords everywhere – at home and at work.
- The same Logmein study found that 53% of respondents said they hadn’t changed their passwords in the past 12 months even though they were aware of the risks and news of a data breach involving compromised passwords.
- With so many people using the same username and password across multiple accounts, cybercriminals make big money selling stolen credentials. The availability of stolen data is giving rise to account takeover attacks which are up 79% – from 380,000 in 2017 to 679,000 in 2018, according to Javelin Strategy. Both individuals and enterprises are at risk for account takeovers.
- New account fraud is also on the rise. Javelin Strategy reports that it accounted for $3.4 billion in losses in 2018, up from $3 billion in 2017. The most common targets for new account fraud are loans and credit cards. According to the FTC’s “Consumer Sentinel Network Data Book,” more than 167,000 people reported a fraudulent credit card account was opened with their information.
- Mobile banking fraud involving SIM swaps is increasing. This tactic is a type of account takeover that enables criminals to target weakness in two-factor authentication and two-step verification to access bank accounts and more. According to the City of London’s Action Fraud Division there were 144 reports of SIM swap fraud between January and August of 2019. On average, £4,000 was stolen from victims’ bank accounts.
- According to the Center for Victim Research, 7-10% of the U.S. population are victims of identity fraud each year.
Learn more about what you can do to keep yourself and your business safe at StaySafeOnline.org. You might also like our recent blog post, Don’t be complacent! Change your “Password” regularly!