Cybercrime and Cybersecurity – Facts and Statistics

According to a Statista report, the global cost of cybercrime is set to “skyrocket” in the coming years, reaching $23.84 trillion by 2027, and with ransomware payments exceeding $1 Billion in 2023, every firm needs to understand the potential risks, costs and legal frameworks involved.

Cyberthreats are now impacting global businesses in every sector and across all regions, with the UAE frequently ranking among the top five countries most at risk.

Here at Creative Word Training, we have our finger on the button when it comes to helping firms and individuals understand the potential impact of cybercrime and how to mitigate the risks involved.

Below we have collated some facts and statistics linked to cybercrime and cybersecurity, along with an explanation of terms and a few tips on helping you, your firm, your information, your assets, and your clients, stay safe.

What is cybercrime?

The term cybercrime relates to criminal activity carried out using computer networks or using digital technologies.

Information, data, currencies (both physical and digital), identities, and more, are at risk from attack or exploitation by cybercriminals.

Cybercriminals cause disruption to organizational systems and individuals, often to achieve financial gain.

The following are examples of cybercrime:

Hacking – unauthorized access to computer systems or networks to gain control or steal information.

Malware – creation and dissemination of malicious software (malware), including viruses, worms, ransomware, or spyware, with the goal of causing harm to computer systems or stealing information.

Phishing – deceptive techniques used to trick individuals or organizations into revealing sensitive information, such as passwords or financial details, by pretending to be a trustworthy entity.

Identity theft – stealing personal information to impersonate someone for fraudulent activities.

Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks – overloading a system or network with traffic to make it unavailable to users.

Cyber espionage – illegally accessing and stealing sensitive information for political or economic purposes.

Online fraud – committing fraud over the internet. This might include online scams, credit card fraud, or similar financial crimes.

Cyberbullying – using digital platforms to harass, intimidate, or harm individuals.

Data breaches – unauthorized access and exposure of sensitive data stored by organizations, leading to potential misuse.

Cryptojacking – illegally using someone else’s computer to mine cryptocurrency without their knowledge.

What is Cybersecurity?

Cybersecurity refers to the practice of protecting computer systems, networks, and digital information from theft, damage, unauthorized access, or any form of cybercrime.

It covers a range of technologies, processes, and practices designed to safeguard digital data, maintain the confidentiality, integrity, and availability of information, and ensure the continuing functionality of systems.

Key elements of cybersecurity include:

Data Security – protecting sensitive information, ensuring that it is not accessed or manipulated by unauthorized individuals.

Network security – securing the communication channels and infrastructure that enable data transfer between devices and systems.

Application security – ensuring that software and applications are free from vulnerabilities that could be exploited by malicious attempts to undermine them.

Endpoint security – protecting individual devices, such as computers, smartphones, and tablets, from cybercriminals and threats.

Cloud security – safeguarding data and applications hosted in cloud environments to prevent unauthorized access or data breaches.

Incident response and management – developing plans and procedures to effectively respond to and mitigate cybersecurity incidents. Organizations and individuals can implement these.

Identity and Access Management (IAM) – controlling and managing user access to systems and data to prevent unauthorized use.

Security awareness and training – educating individuals within an organization about cybersecurity best practices to reduce the risk of human-related security issues. This can help to not only prevent risk but also with mitigating the dangers linked to an attack.

Security policies and legal compliance – establishing and enforcing policies to ensure compliance with legal and regulatory requirements, as well as internal security standards.

Security auditing and monitoring – regularly assessing and monitoring systems and networks for potential vulnerabilities and unauthorized activities.

Facts and statistics about cybercrime and cybersecurity

The following information has been collected from various online sources. Click the highlighted links at to view the original source.

It covers a range of statistics designed to show the shifts in cybercrime frequency and some key areas of risk.

1. 82% of security breaches involved a human element. This remains a critical vulnerability for businesses and individuals.

2. Only 23% of security leaders monitor their partners and vendors in real-time for cyber security risks.

3. 40% of cyber threats now occur indirectly through the supply chain.

4. 41% of adults worldwide have experienced computer or mobile device viruses.

5. 13% of adults worldwide have experienced ransomware attacks.

6. Seven in 10 respondents reported having encountered vishing attacks, an increase from 54% in 2020. Vishing attacks are a type of social engineering attack performed over phone calls or voice messages for phishing.

7. Between November 2021 and October 2022, the public administration sector ranked first among the global industries most targeted by malware attacks.

8. The following are the top ten industry sectors affected by malware attacks up to 2022:

• Public administration

• Manufacturing

• Professional

• Information

• Education

• Transportation

• Retail

• Healthcare

• Finance

• Other services

9. 46% of organizations worldwide paid up to get their encrypted data back after experiencing a ransomware attack.

10. In 2023, the average annual increase in companies’ IT security budgets is expected to reach 5.3%.

Top tips for preventing cybercrime and improving your cybersecurity

The statistics above show that no one is infallible when it comes to being a target of cybercrime.

However, there are steps and strategies which can help mitigate the risk of attack, including:

1. Cybersecurity education and training

Educating employees and individuals about cybersecurity best practices, including recognizing phishing emails, creating strong passwords, and being cautious with the information they share online is the best way to avoid falling prey to scams and cybercrime.
Regularly conduct training sessions to keep everyone informed about the latest cyber threats and attacks, and ensure that employees understand your security plans and implementations, especially if a threat is discovered.
Remember that 82% of security breaches involved a human element. For example, the recent “deepfake” video call in which an employee was tricked into transferring $25million dollars from a multinational firm.

2. Create and utilize backup and disaster recovery plans

Regularly back up critical data and ensure that backups are stored in a secure location. Test the restoration process to verify data integrity.
Develop a comprehensive disaster recovery plan that includes steps to recover from a cyberattack thus minimizing downtime.

3. Conduct regular cybersecurity audits

While it is impossible to completely eliminate the risk of cyberattack, measures can be taken to ensure damage is limited and completing regular audits is key.
Identify potential vulnerabilities, remove unused or out-dated software, review your firm’s cybersecurity policies ensuring they are up-to-date, regularly check software and systems, and ensure all servers are secure.
Ask vendors and partners about their cybersecurity measures and check they are keeping your data and information safe.

More information on cybercrime and cybersecurity can be found on our blog page.

Contact us if you have any questions regarding our cybersecurity courses, or book your place here.