Updated

Cybersecurity Statistics and Predictions, updated for 2024

Niek has worked at Eftsure for several years and has developed a clear understanding of the cyber threat landscape and the controls Australian businesses put in place to combat these threats.

Table of Contents

Every year we see an increase in cyber attacks globally and 2023 was no exception. This year we saw an increase in data breaches, phishing attacks, business email compromise attacks and more. The theme in the news and beyond was around organisations of all sizes starting to tighten their belts when it comes to cyber security, as tactics are becoming more refined and evolving faster than ever before.

In 2024, we can expect to see more of a focus on improving security when it comes to cloud services and digital infrastructure. Last year, with an increase in cloud computing came a steady increase in cyber attacks in this space. Within the cloud and IoT space, organisations will be fighting against possible data breaches, disruptions or even data loss this year.

Another trend we predict will become a theme in 2024 is the introduction of passwordless authentication. At the end of last year, Google launched Passkey as secure way for users to access their accounts without having to remember their passwords. Instead, this feature allows the user to login with a fingerprint, face scan or pin. The technology relies on cryptography, making it more secure and phishing resistance than previous measures.

At the end of 2023, we saw a stir of conversations related to generative AI usage, especially as it pertains to cyber criminals using it for financial gain at the expense of political figures and celebrities. We can expect to see governments investing time and resources into trying to monitor and regulate generative AI usage. Which ties into our final prediction, captured in a recent article by Chuck Brooks from Forbes. The article highlights an expected increase in cyber security regulations specifically focused on mitigating space attacks.

His article states “the security risk management of satellites and space will emerge as a top priority among both the public and private sectors.” There’s been a clear gap identified in the level of protection surrounding satellites and spaced-based communication and sensing. We can expect this to be a key conversation topic in the media this year.

And with that, we leave you with the latest, greatest (and most alarming) cybersecurity statistics to know in 2024:

Top 2024 Cyber Statistics (Editor’s Choice)

  • Cybercrime costs are predicted to reach $9.5 trillion USD in 2024.
  • Among leading industries, manufacturing continues to rank as the most highly targeted on a global scale.
  • The projection for global spending on security and risk management in 2024 has increased by 14.3%, totalling $215 billion.
  • According to McAfee’s latest Global Scam Message Study, Australian’s spend an average of 63 minutes per week trying to assess the legitimacy of scam texts and emails.
  • The largest reported data leakages remain the Cam4 breach in March 2020, which exposed more than 10 billion data records, followed by the 2013 Yahoo data breach, where three billion data records were leaked.

Cybersecurity statistics

1. Cybercrime costs are predicted to reach $9.5 trillion USD in 2024.

The cost of cybercrime is continuously snowballing as cyber criminals get smarter and governments work to find ways to keep up with new strategies and tactics. This research also included the compounded consideration with the rising costs of damages associated with cybercrime, forecasting this cost could read $10.5 trillion by 2025.

Share statistic Source: Cybersecurity Ventures

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-1 image description

2. Among leading industries, manufacturing continues to rank as the most highly targeted on a global scale.

Our team at Eftsure cross referenced this data with our own and in 2023 we successfully identified and stopped more cyber attacks against construction and manufacturing customers than those in other industries.

Share statistic Source: Statista

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-2 image description

3. As of 2023, the global average cost per data breach rose to 4.45 million U.S. dollars. An increase from the 2022 reported $4.35 million.

A key theme we saw at the end of 2023 was executives discussing the things that keep them up at night: data breaches and security. It’s no surprise seeing the rising cost of data breaches. Not to mention, this dollar value doesn’t account for the reputational damages incurred as well.

Share statistic Source: Statista

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-3 image description

4. The projection for global spending on security and risk management in 2024 has increased by 14.3%, totalling $215 billion.

Companies are feeling the pressure to implement improved controls and tighter security measures in an attempt to protect their own data and the data of their suppliers or customers. In finance departments, CFOs are looking to protect their teams from phishing attacks, BEC attacks, and more.

Share statistic Source: Gartner

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-4 image description

5. In Australia, the ASD recorded 94,000 reports of cyber scams were made to law enforcement this year. They estimate this means one every six minutes.

In the ASD Cyber Threat Report 2022-2023, a number of emerging trends were identified with the growing number of attacks. These include cybercriminal continuously adapting tactics to increase the max payment from victims, data breaches which left millions of Australians impacted, and an increase in cybercrime costs.

Share statistic Source: ASD

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-5 image description

6. An F-35 fighter jet could be taken down easier by cyber attacks than a missile attack.

An interesting statistic, which ties into a forecasted trend we will hear more about in 2024: space cybersecurity. In a recent Forbes article, Chuck Brookes backs this by stating “The economic sustainability of the free world depends on space-based global communications and sensing. Unfortunately, many of the platforms lack adequate protection, and hence, space cybersecurity will play a significant role in protecting key infrastructure.”

We expect to see more conversations at government levels about space and cyber security, especially closely tied to conversations about local militaries.

Share statistic Source: Interesting engineering

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-6 image description

7. A recent study of 500 Australian CFOs found that 50% say their business’s security concerns are higher heading into 2024 than the year prior.

In the same survey, 98% of CFOs said they feel cyber-crime is growing globally, adding a layer of anxiety as finance professionals tend to be one of the top targets for phishing scams within organisations.

Share statistic Source: Eftsure

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-7 image description

8. 77% of organisations don’t have an incident response plan when it comes to cyber attacks.

Given these numbers, it’s highly likely most of these companies haven’t considered proactive protection measures to mitigate the risk of an incident. Regardless of levels of preparedness, it’s always important to have a response plan in place, especially when we consider some cyber attacks can take a matter of minutes to successfully compromise systems or extract data.

Share statistic Source: Cybint

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-8 image description

9. The size of the global cyber insurance market is expected to grow rapidly over the 5 years, with the total market size increasing from around $8B USD in 2020 to just over $20B USD by 2025.

According to Statista, the global cyber insurance market is expected to grow tremendously over the next five years. Some factors that come into play as why the market is expected to grow is from the increase in cyber threats, awareness of cyber risks, regulatory requirements, lack of in-house expertise such as IT teams or internal processes and growth in technology.

Share statistic Source: Statista

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-9 image description

10. 45% of experts said cyber incidents causing business interruption is their number one fear above anything else.

This includes ongoing concerns and fears around ransomware attacks, cloud outages, IT system failures and threats of cyber war.

Share statistic Source: Allianz

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-10 image description

11. In the healthcare industry alone, there has been a 239% increase in hacking data breaches over the last four years.

The healthcare industry runs the highest costs for data breaches, with the average cost of a single data breach sitting at 11 million USD.

Share statistic Source: Chief Healthcare Executive

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-11 image description

12. 1 in 10 US organisations have no insurance against cyber attacks

Which doesn’t pair well with the associated costs on the rise when it comes to these attacks.

Share statistic Source: Statista

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-12 image description

13. According to the Javelin 2023 identity fraud survey, the number of adult victims remained nearly identical year-over-year, however the dollar losses fell in amount.

The report notes the reduction in financial losses can be attributed to the increased efforts from financial institutions to keep criminals from attacking their customers. However, the numbers are still glaring and there’s still plenty of space for improvement.

Share statistic Source: Javlin

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-13 image description

14. Researches from a top cyber security organisation and Stanford University say 88% of data breaches are caused by human error.

It only takes one person to accidentally become the driving force behind a breach large enough to take down an entire organisation. This could be as simple as an employee clicking on a malicious link. Which is why organisations are increasingly investing in cyber awareness training for their employees to reduce the risk of a successful attack.

Share statistic Source: KnowBe4

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-14 image description

15. The likelihood of a cybercrime entity being prosecuted in the US is estimated to be 0.05%

Adding even more emphasis on the need for people to become aware and vigilant, seeking protective measures rather than relying on reactive resolutions.

Share statistic Source: World Economic Forum

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-15 image description

Working from home statistics

16. The average cost per breach is $173,074 higher when the breach occurs on remote workers.

Despite the evolving cybersecurity challenges in an office setting, it’s evident remote working can costs organisations a lot more in comparison.

Share statistic Source: IBM

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-16 image description

17. 53% if adults have said remote working makes it easier for cybercriminals to take advantage of people.

Changes in workplace standards meant a higher number of employees working remotely. Cybercrime increased, with phishing being the most common method.

Share statistic Source: Norton

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-17 image description

18. More than half a million Zoom user accounts were compromised and sold on the dark web.

The more popular video conferencing software Zoom becomes with companies bringing employees into remote work, the more cyber criminals will adapt their techniques to that format. Recently, we’ve seen reports of cyber criminals selling compromised Zoom accounts on the dark web to increase their chances for more data breaches.

Share statistic Source: CPO Magazine

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-18 image description

19. 70% of organisations report allowing access to corporate assets from personal laptops or mobile devices, while only 17% report limiting access to corporate laptops only.

These statistics show the risks many companies are taking when it comes to potential data breaches. Unsafe device access is an easy way for attackers to find an entry into company servers and access private data. At the very least, organisations should be looking to tighten their access requirements to be on corporate devices only.

Share statistic Source: Cybertalk

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-19 image description

20. 71% of security leaders lack sufficient visibility into remote employee home networks.

According to a recent study, more people are using cloud services and iot devices that were never before part of a company’s security perimeter. More cyberattacks and security breaches are now a result of this and IT managers are now struggling to keep up with managing all these new technologies.

Share statistic Source: CEPro

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-20 image description

DOS/DDOS and IoT statistics

21. 75% of CISO respondents rank cloud and IoT as the biggest technology risks in the next five years.

This statistic is also mentioned by several tech experts in their 2024 forecast as their biggest area of concern. Cloud adoption was huge in 2023, and with great acceleration comes even greater risk. This will be an area where CISOs and other security professionals turn to improved procedures, security and automation.

Share statistic Source: EY

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-21 image description

22. In 2023, a new record was set by Google Cloud for the largest DDos attack ever

Up until this year, the largest DDoS attack on record was in 2018, but Google’s latest Distributed Denial of Service Attacks were said to be 7.5 times bigger than any other on record. Attacks can last from minutes to hours.

Share statistic Source: zdnet

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-22 image description

23. Based on historic data, Cisco predicts DDoS attacks will double from 7.9 million in 2018 to 15.4 million in 2023

Cisco’s data also pinpoints the United States as the most frequently targeted region, generally focused on Microsoft-based systems and services.

Share statistic Source: StationX

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-23 image description

24. In 2023, IBM recorded 82% of breaches involved data stored in the cloud.

Once again enforcing the increased focus on cloud security in 2024.

Share statistic Source: IBM

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-24 image description

25. The finance sector is the most targeted year after year. Last year, attacks in the finance sector increased 121% higher than attacks in 2021.

The finance industry has the most data and capital, making them a highly sought after target.

Share statistic Source: StationX

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-25 image description

26. The longest DDoS attack in history occurred in 2018, shattering existing records by flooding the target’s systems with data for 329 hours.

Every year, the number of Distributed Denial of Service (DDoS) attacks increases, and the industry that receives the most targets is finance because they have the most amount of data and capital. These attacks can last from a minute to an hour depending on the company’s security controls.

Share statistic Source: Comparitech

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-26 image description

Mobile scam statistics

27. 29.8 Billion USD was lost to phone scams in America in 2021

With this number only on the incline, we can expect to see higher numbers in 2024. These scams are also known as vishing (voice phishing) scams.

Share statistic Source: Earth Web

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-27 image description

28. Australians aged 65 and over have reported losses of $20.5 million from phone scams.

For older Australians, their lack of understanding of mobile phones makes them vulnerable to mobile scams because they have less familiarity with modern technology. The advancement of technologies has only made it easier for scammers to target people like them.

Share statistic Source: ABC

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-28 image description

29. Scams are most prevalent over mobile, with 33% if all scams in Australia coming from text messages.

The data shows Australian’s lost a reported $28 million to phone scams in 2022. Following closely behind text phishing scams were over phone calls (29%), where Australian’s reportedly lost the most, landing at $141 million dollars.

Share statistic Source: ACCC

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-29 image description

30. Consumers are 6-10 times more likely to fall for an SMS phishing attack than email based phishing.

There’s more awareness when it comes to email phishing, making it a bit harder to trick the end recipient as they are naturally more critical now than years before. However, with the rise of SMS phishing, there’s still work to be done.

Share statistic Source: Zimperium

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-30 image description

31. According to McAfee’s latest Global Scam Message Study, Australian’s spend an average of 63 minutes per week trying to assess the legitimacy of scam texts and emails.

The same study said 54% of Australian survey respondents said they would prefer to deal with the stress of monthly tax filings than cope with scam messages all year long.

Share statistic Source: McAfee

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-31 image description

Social engineering statistics

32. Phishing remains the most common form of cyber crime worldwide, with recent data suggesting nearly 1.2% of all emails sent are malicious.

1.2% equates to 3.4 billions phishing emails being sent daily. Because of the nature of phishing emails, and cyber scammers growing increasingly clever, it’s no wonder even the most savvy of people can fall victims to these attacks.

Despite organisations having tactics such as segregation of duties in place, things can still slip through the cracks without proper process or automation in place.

Share statistic Source: Earth Web

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-32 image description

33. Phishing attacks tend to fly under the radar and can take upwards of 295 days to identify.

IBM’s 2022 Data Breach Report noted phishing scams tend to take the third longest mean time to be identified. As a result, these breaches can cost organisations the most, with an average of 4.91 million USD.

Share statistic Source: IBM

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-33 image description

34. Losses for small and micro businesses associated with scams doubled in 2022.

Scamwatch data reported losses amounted to $13.7 million in 2022, which was a 95% increase from the year before. It’s said the biggest contributor to these losses were through payment redirection scams, known as business email compromise.

If you’re a small or micro business owner and you haven’t considered adding payment protection for your business, have a chat with our team at Eftsure to see why businesses Australia wide trust our payment technology.

Share statistic Source: ACCC

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-34 image description

35. 98% of all cyber attacks are social engineering attacks.

In the FBI’s latest report, Phishing, Vishing, Smishing and Pharming account for the largest number of attacks.

Share statistic Source: FBI

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-35 image description

36. Facebook is the leading social media platform for cybercriminals to use social engineering to scam users.

Between April and September 2020, there were over 4.5 million phishing attempts made. More recently in 2023, WhatsApp scams are growing in popularity along with other instant messaging platforms such as Telegram.

Share statistic Source: Phishlabs

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-36 image description

37. Every minute, $17,700 is lost due to a phishing attack.

Which explains why the costs associated with phishing and scam attacks continue to rise year over year. Individuals, organisations and governments are constantly trying to stay alert, aware and vigilant when it comes to phishing.

Share statistic Source: CSO

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-37 image description

Data breach statistics

38. The largest reported data leakages remain the Cam4 breach in March 2020, which exposed more than 10 billion data records, followed by the 2013 Yahoo data breach, where three billion data records were leaked.

Although we’ve successfully closed another year without a record setting data breach, several companies still became victims to data breach attacks and data ransom. Companies include Microsoft, MOVEit, ChatGPT, US Department of Transportation and more.

Share statistic Source: CNET

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-38 image description

39. 90% of data breaches occur because of spear phishing emails.

Spear phishing emails are more tailored than regular phishing emails. Meaning they appear to be more realistic to the reader. When the reader clicks the link, the scammer is able to access the device to retried personal identifiable information.

Share statistic Source: Earth Web

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-39 image description

40. 43% of data breaches are insider threats.

However, not always intentional. Many data breaches are caused due to human error, but regardless a staggering realisation to know many data leaks are caused from internal sources.

Share statistic Source: Checkpoint

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-40 image description

41. 30% of all large data breaches take place at hospitals.

Lots of confidential information is stored in hospitals, especially in the healthcare industry. Moreover, due to tight timelines, hackers have an easier time conning staff to elicit sensitive information.

Share statistic Source: TechJury

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-41 image description

42. The LinkedIn breach exposed 700 million records in June-August 2021 (93% of Linkedin members).

In 2021, cyber criminals have accomplished the exposure of an astonishingly large data leak of over 700 million LinkedIn users, exposing their names, addresses, phone numbers, and email addresses, as well as their LinkedIn profiles. The hack followed the same method used in the extremely damaging April penetration of their users’ information that hackers also uploaded to the dark web for sale.

Share statistic Source: Compatia

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-42 image description

43. Notable 2023 database hacks include X (formerly Twitter), where 220 million users email addresses were leaked.

Alongside X (formerly Twitter) was the 2023 AT&T breach which exposed approximately 9 million customers personal data. These are just noteworthy breaches, as of October 2023 there were hundreds of other publicly disclosed incidents.

Share statistic Source: IT Governance

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-43 image description

AI scam statistics

44. A study of +350 senior security electives found 70% believe AI benefits attackers more than defenders, yet 35% are still experimenting with it for cyber defence strategies.

Although the world of AI is moving at a rapid pace, there’s still much to be explored. As much as we expect to see acceleration with AI, we can also predict several attempts for government agencies to add improved regulations.

Share statistic Source: Splunk

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-44 image description

45. Organisations deploying security measures leveraging AI or automation spend on average 3.05 million USD, which is more than 50% lower than the spend associated with organisations without automated protective measures in place.

Although the cost of investing in cyber security is on the rise, data shows it pays to get on board with early adoption. This also includes encouraging organisations to consider streamlining their paid vendors, to ensure a cluttered list of apps and services don’t end up becoming an additional risk factor in itself.

Share statistic Source: IBM

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-45 image description

46. Generative AI has dominated the AI conversation in 2023, leading 7 in 10 Australian’s to express concern about how their information will be handled after engaging with AI tools.

Generative AI is not only adding concern on consumers, but it’s a massive driver for businesses and governments to monitor and be mindful of as videos surface where key political figures have been manipulated into falsified statements. These videos can look so realistic, even the people in the videos have had to take a double take on if the events happened or not.

Share statistic Source: IT Brief

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-46 image description

47. In 2023, we saw the rise of AI used to replicate human voice, also known as a “voice print” which was used to replicate familiar voices to friends and loved ones in an attempt to prompt theft and fraud.

A reputable security company said it picked up a 135% increase in sophisticated scam attacks leveraging AI in the first month of 2023.

Share statistic Source: ABC News

Copy link

https://eftsure.com/en-nz/statistics/cyber-security-statistics/#section-47 image description

Sources

2023-cybersecurity-guide-for-CFOs
Cybersecurity Guide for CFOs 2023: 6th Edition
Without this strategy, CFOs risk seeing cyber threats materialise into serious financial losses, along with a wide range of indirect costs like reputational damage.

That’s why we’ve created the Cybersecurity Guide for CFOs 2023 to help you create and implement a cyber-crime strategy, one that protects your organisation’s finances from a new generation of fraudsters.
Cybersecurity Guide for CFOs 2023: 6th Edition

FAQs

Every company and every person has sensitive data that needs protection. Luckily, it’s never too soon or too late to start protecting your business and or personal information from thieves and criminals. Cybersecurity is all about preventing unauthorised access to, use of, disclosure of or damage to an organisation’s assets (in this case, data) by malicious activity.

Every business needs to have cybersecurity as their top priority, particularly the CFO, who is most targeted. In order to stay ahead of cyber attacks, employees should be vigilant in the following:

– Regularly change passwords
– Examine carefully any emails that may contain a malicious link
– Limit access to sensitive data
– Update software regularly

With cyber crime presenting a large risk to their finances, a modern CFO cannot afford to be complacent. Being the Chief Financial Officer requires that a person have an extensive understanding of the risk involved with cyberspace and the consequences it may have on their duties.

Here is a list of cybersecurity tips and best practices to get you started:

– Use complex passwords across different devices and accounts
– Enable 2-factor or multi authentication
– Check for HTTPS on websites
– Back up data
– Avoid suspicious emails links or attachments
– Use VPNs

Related blog posts
$2.7B lost to email fraud: FBI urges CFOs to secure AP
Industry news 01/05/2025

$2.7B lost to email fraud: FBI urges CFOs to secure AP

The FBI’s 2024 Internet Crime Report reveals a sharp rise in cyber-enabled fraud, with reported losses reaching $16.6 billion, up...

business email compromise
cybercrime
cybersecurity
phishing
scam
How to Prevent Cybercrime
Processes 11/04/2025

How to Prevent Cybercrime

Cybercrime is an ever-evolving threat that affects individuals, businesses, and governments worldwide. As cyber crime continues to escalate and evolve...

AP Security
cybercrime
cybercriminals
cybersecurity
Internal Controls
How to Avoid Online Fraud: 7 Effective Tactics for Finance & AP Teams 
Processes 10/04/2025

How to Avoid Online Fraud: 7 Effective Tactics for Finance & AP Teams 

Discover 7 proven steps to safeguard your business from online payment fraud—essential reading for finance leaders facing rising scam risks.

accounts payable processes
AP Security

Subscribe to our blog

Subscribe to the eftsure blog to receive updates when we post.

The new security standard for business payments

Eftsure provides continuous control monitoring to protect your eft payments. Our multi-factor verification approach protects your organisation from financial loss due to cybercrime, fraud and error.

Request Demo