Cybersecurity Statistics to Watch Out for in 2025

Last Updated on February 20, 2025 by Editorial

Cybercriminals and data miners are becoming more advanced, aggressive, and profit-driven. High-profile security breaches frequently make headlines, raising public awareness of digital threats.

You don’t need to be an IT expert to recognize cybersecurity risks—that part is easy. The real challenge lies in understanding who is most vulnerable, when and why attacks happen, and how widespread these threats have become. It’s also crucial to grasp the financial and operational impact of cyberattacks, the technologies that can help prevent them, and the aftermath of a data breach.

The following cybersecurity statistics will provide insights into these risks, help strengthen network security, and, if necessary, guide you in developing an incident response plan.

Top Cybersecurity Statistics

Here are the top cybersecurity statistics making the headlines around the globe.

1. 45% of global organizations will experience a supply chain attack by 2025

One of the most significant cybersecurity challenges in recent years has been the rise of supply chain attacks. High-profile incidents like the 2023 MoveIt vulnerability, the SolarWinds breach, and the Log4j exploit in open-source software have exposed organizations worldwide to serious risks.

According to Gartner, by 2025, nearly 45% of global organizations will experience some form of supply chain attack, highlighting the urgent need for stronger security measures across interconnected systems.

2. Reported vulnerabilities expected to rise

The number of reported vulnerabilities continues to grow at an alarming rate. According to Skybox Security’s Vulnerability and Threat Trends Report 2024¹, over 30,000 new vulnerabilities were disclosed in the past year alone—a 17% increase compared to the previous year.

3. Cybersecurity to continue being a major concern in 2025

Cybersecurity threats are expected to persist, with risks extending into 2025, particularly targeting technology-driven services such as financial systems and communication networks. The Global Risks Report 2024² from the World Economic Forum highlights these ongoing concerns

4. Average cost of cybercrime to surpass $23 trillion by 2027

The financial impact of cybercrime is also escalating. U.S. Deputy National Security Advisor Anne Neuberger cited projections³ in 2023 estimating that annual cybercrime costs will exceed $23 trillion by 2027, a significant jump from $8.4 trillion in 2022.

5. Identity fraud resulted in losses of up to $23 billion in 2023

Businesses work hard to safeguard their sensitive data, but customer information remains exposed in vulnerable databases worldwide. According to Javelin Strategy & Research’s 2024 Identity Fraud Study⁴, identity fraud resulted in $23 billion in losses in 2023, underscoring the ongoing risks associated with data breaches and weak security measures.

6. Public reports to FBI were more than 880,000 in 2023

The FBI’s Internet Crime Complaint Center (IC3)⁵ received 880,418 complaints from the U.S. public in 2023, reflecting a 10% increase from the previous year. The potential financial impact of these incidents was significant, with reported losses surpassing $12.5 billion.

7. Ransomware still a big threat in 2025

Ransomware remains a persistent threat across all industries, with incidents continuing to rise. According to Sophos’ The State of Ransomware 2024⁶ report, 59% of surveyed organizations experienced a ransomware attack, highlighting the growing risk businesses face.

8. Generative AI fueling phishing attacks

The rise of generative AI has significantly contributed to the surge in phishing attacks. According to SlashNext’s The State of Phishing⁷ report, phishing incidents skyrocketed by 4,151% following the public release of ChatGPT in late 2022. The Anti-Phishing Working Group (APWG) also recorded 932,923 phishing attacks in just the third quarter of 2024, highlighting the growing scale of this cybersecurity threat.

9. DDoS attacks significantly increased in 2024

Distributed Denial-of-Service (DDoS) attacks saw a sharp increase in 2024. According to Netscout⁸, there were approximately 8 million DDoS attacks in the first half of the year, marking a 13% rise compared to the previous six months. The most powerful attack recorded reached a peak bandwidth of 960 Gbps, demonstrating the growing scale and intensity of these threats.

10. Cyberattacks lead to customer losses

Cyberattacks—whether data breaches, malware infections, ransomware incidents, or DDoS attacks—can have severe consequences. According to the Hiscox Cyber Readiness Report⁹, 43% of organizations reported losing existing customers due to cybersecurity incidents, highlighting the long-term impact on business reputation and trust.

11. Healthcare industry suffered biggest losses in 2024

Data breaches in 2024 came with a steep price tag, averaging $4.88 million per incident, according to a report from IBM and the Ponemon Institute. The healthcare sector faced the highest costs, with breaches averaging $9.77 million, while financial services reported an average cost of $6.08 million per incident.

12. There’s a global shortage of cybersecurity experts

The 2024 ISC2 Cybersecurity Workforce Study¹⁰ estimates that 5.5 million professionals are currently employed in the cybersecurity industry worldwide. However, there remains a significant workforce gap, with approximately 5 million more cybersecurity professionals still needed globally.

The same study revealed that 44% of organizations are operating with cybersecurity teams where most staff have less than three years of experience. Additionally, the report identified the highest demand for cybersecurity professionals in the Asia-Pacific region, the Middle East and Africa, and North America.

Sources

1. Skybox

2. WeForum

3. State.gov

4. Javelin

5. FBI

6. Sophos

7. SlashNext

8. Netscout

9. Hiscox

10. ISC2