Last year, the world witnessed a barrage of crippling cyber attacks—from the unprecedented breach of a Credit Bureau that compromised personal data of 145 million consumers, to leaked government tools belonging to the NSA, to major ransomware campaigns including WannaCry, Bad Rabbit and NotPetya, to revelations that Yahoo’s breach included 3 billion accounts. Many of the most destructive cyber attacks in 2017 were executed by successfully exploiting privileged accounts. Unsecured privileged accounts give attackers access to your highest value assets and data.
As the attack surface continues to expand on pace with technological advancements, the threat will only increase without mitigation. Following is a list of 15 cyber security stats, curated from a number of industry sources, to help illustrate the current landscape and underscore the urgency of putting privilege first in 2018:
- By 2020: 4 billion people will be online, 50 billion devices will be connected to the internet and data volumes will be 50x greater than they were in 2016 (Source: Microsoft)
- Percentage of computer users who will click on a link from an unknown sender: 50 percent (Source: TechRepublic)
- Amount of money that ransomware victims have paid out over the past two years: $25 million (Source: The Verge)
- Global average cost of a data breach: $3.62 million (Source: IBM)
- Average cost for each lost or stolen record containing sensitive and confidential information: $141 (Source: IBM)
- Number of unfilled cyber security jobs by 2021: 5 million (Source: CSO Magazine)
- Average number of days attackers spend inside systems, undetected: 99 days (Source: FireEye)
- Percentage of organizations who admit to not fully informing customers when their personal data was compromised in a cyber attack: 50 percent (Source: CyberArk via Vanson Bourne)
- Percentage of security pros who say their organization can’t stop every attempt to break into their internal network: 46 percent (Source: CyberArk via Vanson Bourne)
- Percentage of boards that participate in the review of current security and privacy risks: 31 percent (Source: PwC)
- Percentage of business leaders who do not understand what they should do if a cyber security incident occurs: 52 percent (Source: CyberArk via Vanson Bourne)
- Organizations currently using cloud services: 93 percent (Source: McAfee)
- Organizations actively using containers today: 83 percent (Source: Forbes)
- Percentage of security and DevOps pros who failed to identify all places where privileged accounts or secrets exist: 99 percent (Source: CyberArk via Vanson Bourne)
- Percentage of security pros who report that their organization has not implemented a privileged account security solution for DevOps: 73 percent (Source: CyberArk via Vanson Bourne)