Network security is essential to maintain strong organizational resilience and understand network security use cases. Discover 100+ current network security data points derived from expert evaluation and market analysis:
1-Key network security statistics
1. The average data breach cost in 2023 was ~$4 million (the highest value ever recorded, with a ~15% increase over 3 years).1
2. ~95% of executives place a high priority on IT security resilience.2
3. ~90% of organizations have reported at least one data breach or cyber incident.3
4. The average employee has access to around 11 million files.4
Read more: Network security software.
2- The state of the network security market & forecasts
5. Network security revenue is predicted to grow at a ~15% annual rate, resulting in a market volume of ~$40 billion by 2028.5
Source: Statista6
6. The U.S. network security market revenue is predicted to grow at a ~10% annual rate, resulting in a market volume of ~$15 billion by 2028.7
7. The U.S. generates the most revenue in the network security market (~$9 billion in 2023).8
8. The number of incidents in North America has grown from 23% of all cases in 2021 to 25% in 2022.9
9. The U.S. accounted for 80% of the North American region’s cyber crime, while Canada was accountable for 20%.10
10. The Internet Crime Complaint Center (IC3) reports total losses of ~$10 billion caused by Internet crime in 2022.11
11. The Internet Crime Complaint Center (IC3) has received an average of ~650,000 complaints (from 2017 to 2022) each year, or more than 2,000 complaints per day.12
Figure: Global brand share of key network security players in 2022.
Source: Statista13
Table: Top 5 Companies, Worldwide Security Appliance Total Market Revenue, Market Share and Growth, Second Quarter of 2023 (revenue in USD millions)
Vendors* | 2Q23 revenue | 2Q23 market share | 2Q22 revenue | 2Q22 market share | 2Q23/2Q22 growth |
|---|---|---|---|---|---|
1. T1 Fortinet | $898 | 21% | $746 | 19% | 20% |
2. T1 Palo Alto Networks | $884 | 21% | $795 | 20% | 11% |
3. Cisco | $536 | 13% | $504 | 13% | 6% |
4. Check Point | $316 | 8% | $313 | 8% | 1% |
5. Huawei | $145 | 3% | $133 | 3% | 9% |
Rest of market | $1,435 | 34% | $1,424 | 36% | 1% |
Total | $4,213 | 100% | $3,915 | 100% | 8% |
* Vendors are listed by 2Q23 revenue in descending order.
Source: IDC14
Source: IDC15
3- Network security data breach statistics
12. ~80% of breaches involve sensitive data stored in the cloud (public, private, or hybrid).16
Read more on network security: Network segmentation, microsegmentation.
13. 80% of hacking-related breaches are the result of brute force DDoS attacks or stolen data or lost credentials.17
14. ~1,800 data breaches were reported in 2022.18
15. The number of data breach victims in 2022 (~420 million) has climbed by over 40% since 2021.19
16. As of 2023, the average cost of a data breach in the U.S. was ~ $9 million. During the period studied, the global average cost of a data breach was ~$4 million.20
17. More than 6 million data records were exposed globally due to data breaches in the first quarter of 2023.21
18. The highest amount of exposed data records was found in the fourth quarter of 2020, about 125 million data pieces, since the first quarter of 2020. More than 6 million data records were exposed globally due to data breaches in the first quarter of 2023.22
19. Only 1/3 of businesses detected the data breaches through their teams, a third party, or the attackers themselves revealing ~65% of breaches. When attackers revealed a breach, businesses paid ~$1 million more than if the breach had been discovered internally.23
20. The Federal Trade Commission received over 1 million inquiries of identity theft (e.g. frauds) in 2022.24
21. ~80% of data breaches include a human element.25
4- Network security statistics by attack type
Malware:
22. The global number of malware cases will reach ~5.5 billion in 2022, with a 2% rise over the previous year.26
23. Worm malware was the most commonly prevented type of malware in 2022 with ~210 million incidents occurring. Virus malware followed in second, with ~200 million detections, followed by ransomware with over 106 million.27
24. Between 2018 and 2022, the share of global malware attacks delivered via e-mail scaled from ~35% to ~85%.28
25. ~50% of organizations experienced information-stealing malware.29
Figure: Ransom infection by industry
Source: Zscaler30
25. The U.S. accounts for ~50% of the leak site data, followed by Canada and the U.K., each contributing 5%.31
26. The total amount of money collected from ransomware attackers in 2022 was ~$460 million, down from ~$770 million in 2021.32
27. 4,000 ransomware attacks occur each day.33
28. The FBI’s Internet Crime Complaint Center (IC3) reported 2,084 ransomware complaints, with $17 million in losses from in 2021.34
29. ~70% of organizations globally were affected by a ransomware attack as of 2023. This figure increased over the previous five years and was the highest reported.35
30. ~20% of attacks were ransomware in 2022.36
31. ~495 million ransomware attempts were detected globally in 2022.37
32. The cost of the breach for companies that did not pay the ransom was ~$4.5 million. The average cost difference was ~$0.7 million, or ~13%.38
Phishing:
Figure: Percentage of phishing attacks by industry39
33. ~30% of phishing attempts worldwide targeted financial institutions in the fourth quarter of 2022. Web-based software services and webmail were responsible for about ~20% of all attacks. Social media was next, accounting for almost ~10% of all reported phishing attacks.40
34. Phishing is the most common threat in the U.S., with 323,972 victims in 2021.41
35. Phishing breaches took the third longest for detection and prevention at 295 days.42
36. Almost every phishing attack asked for names (98%), email addresses (~75%), home locations (~65%), and passwords (~60%).43
37. ~60% of phishing cases observed were attachments and ~35% were links.44
38. ~60% of phishing attacks leveraged spear-phishing* attachments.45
*Spear-phishing is a sort of phishing assault that uses malicious emails to target certain individuals or groups.
5- Network security statistics savings and spending
39. The average savings is ~$2 million for organizations that use network security AI and automation compared to organizations that don’t.46
40. ~50% of companies plan on increasing security spending to reduce cyber threats, such as incident response (IR) planning and testing, staff training, and threat detection and response systems.47
41. Companies with high DevSecOps implementation saved ~$2 million compared to those with low or no implementation.48
42. Global security and risk management spending estimation:
Source: 1. Statista49 2. Gartner50 3. IDC51
6- Network security statistics by industry
Figure: The top five countries or regions with the highest average cost of a data breach in 2022.
Source: IBM52
43. Between October 2021 and September 2022, healthcare organizations experienced numerous cyber-attacks, with network and application anomalies accounting for almost 63% of them followed by malware attacks (22% ).53
Figure: Distribution of cyber attacks in the healthcare industry worldwide from October 2021 to September 2022, by type.
Source: Statista54
44. The healthcare sector has the highest data breach expenses of any industry, rising ~8% from ~$10 million in 2022 to ~$11 million in 2023.55
45. There were 11 documented healthcare data breaches of ~1 million records and 14 data breaches of ~500,000 records in the U.S. healthcare industry, in 2022. The vast majority of such breaches involved hacking, with many including ransomware or malicious software.56
46. The 10 most popular U.S. states have experienced the highest number of healthcare data breaches, with New York and California, leading the list with 68 and 52 recorded breaches in 2022.57
47. 5,882 hospitals in the U.S. have shown a significant decrease in data breaches by incorporating IT security into their operations and systems.58
Financial:
48. 1,832 network security incidents, with 480 confirmed data disclosure occurred in 2023.59
49. ~75% of financial and cyber insurance attacks have leaked personal information.60
50. ~30% of financial services respondents experienced a data breach in their cloud-based systems in 2022.61
51. ~60% of the surveyed financial services organizations report “human error” as a source of cloud data breaches.62
52. ~45% of financial service organizations believe that data encryption is a perfect method for achieving multiple levels of digital sovereignty.63
53. A financial services employee has access to ~15% of all the files in the organization.64
54. 65% of financial service organizations experienced security violations when over 1,000 private records were widely accessible to all employees.65
55. A data breach in financial services takes an average of 233 days to detect and prevent.66
56. At ~$6 million, the average cost of a financial services data breach is among the highest in any industry.67
Pharmaceuticals:
57. A pharmaceutical breach cost ~$4.8 million in fiscal year 2023, down from ~$5 million in fiscal year 2022.68
58. Malicious attacks (45%), human error (28%), and IT failure (27%) are the most typical causes of a pharma data breach.69
59. ~20% of pharma organizations consider poor network security hygiene and weak firewall policies as critical issues.70
60. ~80% of companies have critical encryption difficulties in 2023, a ~50% rise from last year.71
Energy:
61. A third-party breach affected the top ten of the largest energy companies in the U.S.72
62. The average cost of a data breach in the energy industry was $4.72 million in 2022.73
63. 45% of experts, cyber incidents are the most concerned source of business disruption, surpassing natural disasters and energy concerns.74
64. ~20% of all cyberattacks are targeted against energy companies in North America.75
Retail:
65. ~ 24% of all cyberattacks are targeted against retailers in North America.76
66. The cost of a data breach was $3.0 million in the retail industry in 2023.77
7- Future of network security
67. 30% of companies will use Zero-Trust network access (ZTNA) technologies by 2024 as part of their cyber security strategy.78
68. ~65% of organizations plan to adopt a SASE** (secure access service edge) platform during 2024.79
**A SASE (secure access service edge) paradigm integrates networking and security as a service features at the network edge (rather than a data center) into a single cloud-delivered service.
69. ~75% of leaders state that implementing network security orchestration, AI and automation improves agility and responsiveness.80
70. ~80% of organizations are sustaining or accelerating their cloud migration.81
71. ~75% of leaders are planning on implementing zero-trust architecture in the future, with ~15% of them already using the technology. 82
72. ~90% of IT professionals say the National Security Presidential Memorandum (NSPM) is a strategic investment to improve security agility.83
73. Computer network architect jobs in the U.S. are projected to rise by 4% between 2022 and 2032, according to government agencies.84
74. Computer programmer jobs in the U.S. are projected to decrease by ~10% between 2022 and 2032.85
8- Other statistics
75. The probability of a cybercrime entity being discovered and penalized in the U.S. is %0.5.86
76. Leaders gain more value from cloud services. Leaders who say they obtain 1.7x the benefit from the cloud surpass Hopefuls (cloud cyber (2.3x), cloud-native development (2.9x), containers (3.5x), augmented reality (AR)/virtual reality (VR) (5x), and blockchain (10x)).87
77. ~60% of organizations have 500 or more passwords that never expire.88
78. Almost 2/3 of companies have 1,000+ high-value files available to every employee.89
79. The Federal Trade Commission received over 1.1 million inquiries of identity theft in 2022.90
80. In 2022, there were twice as many thread-hijacking attempts each month as in 2021.91
81. ~85% of respondents stated that third-party errors caused operations to be disrupted.92
82. ~40% of organizations are prioritizing cloud security.93
83. In 2023, 3,205 data compromises were reported, and data intrusions such as breaches, leaks, and exposure harmed over 353 million people in the U.S.94
84. It takes ~280 days to find and contain an average cyberattack.95
85. The average cost of a healthcare breach was estimated to be $9 million, more than double the average cost for all industries, which was $4 million.96
86. In 2023, the monetary damage caused by cybercrime reported to the U.S. increased by around 21% year on year, reaching a historical high of $12.5 billion.97
87. The monetary damage caused by cybercrime reported to the U.S. increased by around 21% in 2023.98
88. 85% of responders from large companies with 5,000 or more employees said they now use microservices.99
89. CISOs state that ~50% of sensitive data loss in organizations occurs due to compromised or misconfigured systems resulting in data loss.100
90. 95% of companies are concerned about cloud security.101
91. The most prevalent cause (45%) of severe network-related failures.102
92. The human factor is responsible for 80% of breaches.103
93. Data breaches impacted ~350 million people in the United States in 2023.104
94. ~70% of cyber attacks against businesses start with compromised credentials.105
95. Total number of vulnerabilities climbed to a new high of ~25,000 in 2023. 106
96. The number of outbreak alerts issued in 2023 increased by 35% over 2022.107
97. Organizations with an incident response strategy detect data breaches 54 days faster than those without.108
98. 45% of surveyed organizations reported third-party-related interruptions in their business operations.109
99. The cyber attack disruption levels have surged by 200% from 2019 to 2024, compared to a 4% increase from 2011 to 2016.110
100. In 2023, ~300,000 phishing attack incidents were reported to the Internet Crime Complaint Center (IC3) in the U.S., with a 100+% increase compared to the incidents reported (114, 702) in 2019.111
101. The total amount of data breaches in the given industries has more than doubled in the last three years rising to 1,300+ cases from ~600.112
For guidance on choosing the right tool or service for your cybersecurity industry project, check out our data-driven lists of software-defined perimeter (SDP) software and zero trust networking software.
Further reading
- Top 10 Microsegmentation Tools
- Microsegmentation: What is it? Benefits & Challenges
- Role-based access control (RBAC)
- Zero Trust Network Access (ZTNA): Definition & Benefits
- 10 Cybersecurity Best Practices for Corporations
- Top 7 Network Monitoring Software/Network Management Software
Reference Links
Cem's work has been cited by leading global publications including Business Insider, Forbes, Washington Post, global firms like Deloitte, HPE and NGOs like World Economic Forum and supranational organizations like European Commission. You can see more reputable companies and resources that referenced AIMultiple.
Throughout his career, Cem served as a tech consultant, tech buyer and tech entrepreneur. He advised enterprises on their technology decisions at McKinsey & Company and Altman Solon for more than a decade. He also published a McKinsey report on digitalization.
He led technology strategy and procurement of a telco while reporting to the CEO. He has also led commercial growth of deep tech company Hypatos that reached a 7 digit annual recurring revenue and a 9 digit valuation from 0 within 2 years. Cem's work in Hypatos was covered by leading technology publications like TechCrunch and Business Insider.
Cem regularly speaks at international technology conferences. He graduated from Bogazici University as a computer engineer and holds an MBA from Columbia Business School.
Be the first to comment
Your email address will not be published. All fields are required.