Written by Peter Glock for IT Governance:
We’re now halfway through the year, so I thought I’d take a look back at some of the most shocking cyber security statistics so far.
Shocking cyber security stats
- 98% of tested web apps are vulnerable to attack
Trustwave’s 2015 Global Security Report found that a staggering 98% of tested web applications were vulnerable to attack. Web apps are everywhere now, and it is essential that updates and patches are installed so that known vulnerabilities are addressed.
- 90% of large organisations reported suffering a security breach
The Department of Business, Innovation & Skills’ 2015 Information Security Breaches Survey was published at the beginning of June and was stuffed full of disturbing statistics. The report highlights how cyber attacks affect nearly every organisation, with 90% of large and 74% small organisations suffering a breach in 2014.
- 75% of directors are not involved in the review of cyber security risks
We’ve written about this story a few times this year. Research undertaken by PwC for their 2015 Global State of the Information Security Survey found that only 25% of directors are actively involved in reviewing security and privacy risks. Shocking behaviour.
- 93% of DPA breaches are caused by human error
People: the weakest link in the cyber security chain. The Information Commissioner’s Office reported that 93% of incidents it investigated in Q4 of 2014-15 were caused by human error.
- Online banking fraud increases 48% year-on-year
Figures published in the first quarter of 2015 by Financial Fraud Action UK (FFA UK) found that losses from online banking fraud rose by 48% in 2014, costing £60.4 million. It identified a total of 53,192 individual incidents.
According to the FFA, “A key driver behind increasing levels of fraud continues to be fraudsters tricking customers into revealing personal and financial information, normally over the telephone.”
- 144% increase in successful cyber attacks on businesses
CYREN’s 2015 Cyberthreat Yearbook report begins “Enterprises of all sizes are now besieged by cybercrime at an alarming rate”. It found that successful cyber attacks on businesses of all sizes increased by 144% over a four-year period, adding further weight to the argument that organisations should now aim for cyber resilience: the ability to not only repel but also respond to a cyber attack.