AIMultiple ResearchAIMultiple Research

80+ Network Security Statistics in 2024

80+ Network Security Statistics in 202480+ Network Security Statistics in 2024

Network security is more than only risk management; it is a strategic problem that influences product capabilities, organizational performance, and customer experience. Numerous companies, however, find it difficult to discover the threats and cybersecurity statistics that entail network and IoT security considerations.

This article gathers 80+ current network security data points derived from expert evaluation and market analysis to assist businesses in better-analyzing network security trends.

1-Key network security statistics

1. The average data breach cost in 2023 was $4.45 million (the highest value ever recorded, with a 15% increase over 3 years).1

2. ~95% of executives place a high priority on IT security resilience.2

3. ~90% of organizations have reported at least one cyber incident or security breaches.3

4. The average employee has access to around 11 million files.4

2- The state of the network security market & forecasts

5. Revenue is predicted to grow at a ~13% annual rate (CAGR 2023-2028), resulting in a market volume of ~$40.00 billion by 2028.5

Source: Statista6

6. The U.S. network security market revenue is predicted to grow at a ~12% annual rate (CAGR 2023-2028), resulting in a market volume of ~$16 billion by 2028.7

7. The U.S. generates the most revenue in the network security market (~$9.0 billion in 2023).8

8. The number of incidents occurring in North America has grown from 23% of all cases in 2021 to 25% in 2022.9

9. The U.S. accounted for 80% of the North American region’s cyber crime, while Canada was accountable for 20%.10

10. The Internet Crime Complaint Center (IC3) reports total losses of $10.3 billion caused by Internet crime in 2022.11

11. The Internet Crime Complaint Center (IC3) has received an average of 651,800 complaints (from 2017 to 2022) each year, or more than 2,175 complaints per day.12

Figure: Global brand share of key network security players in 2022.

Source: Statista13

Table: Top 5 Companies, Worldwide Security Appliance Total Market Revenue, Market Share and Growth, Second Quarter of 2023 (revenue in USD millions)

Vendors*2Q23 revenue2Q23 market share2Q22 revenue2Q22 market share2Q23/2Q22 growth
1. T1 Fortinet$89821%$74619%20%
2. T1 Palo Alto Networks$88421%$79520%11%
3. Cisco$53613%$50413%6%
4. Check Point$3168%$3138%1%
5. Huawei$1453%$1333%9%
Rest of market$1,43534%$1,42436%1%

* Vendors are listed by 2Q23 revenue in descending order by IDC.

Source: IDC14

Source: IDC15

3- Network security data breach statistics

12. ~80% of breaches involve sensitive data stored in the cloud (public, private, or hybrid).16

Read more on network security: Network segmentation, microsegmentation.

13. 80% of hacking-related breaches are the result of brute force DDoS attacks or stolen data or lost credentials.17

14. 1,802 data breaches were reported in 2022.18

15. The number of data breach victims in 2022 (422.1 million) has climbed by over 40% since 2021.19

16. As of 2023, the average cost of a data breach in the U.S. was ~ $9 million. During the period studied, the global average cost of a data breach was ~$4 million.20

17. More than 6 million data records were exposed globally due to data breaches in the first quarter of 2023.21

18. The highest amount of exposed data records was found in the fourth quarter of 2020, about 125 million data pieces, since the first quarter of 2020. More than 6 million data records were exposed globally due to data breaches in the first quarter of 2023.22

19. Only 1/3 of businesses detected the data breaches through their teams, a  third party, or the attackers themselves revealing ~65% of breaches. When attackers revealed a breach, businesses paid ~$1 million more than if the breach had been discovered internally.23

20. The Federal Trade Commission received over 1.1 million inquiries of identity theft (e.g. frauds) in 2022.24

21. 82% of data breaches include a human element.25

4- Network security statistics by attack type


22. The global number of malware cases will reach 5.5 billion in 2022, with a 2% rise over the previous year.26

23. Worm malware was the most commonly prevented type of malware in 2022 with 206 million incidents occurring. Virus malware followed in second, with 204 million detections, followed by ransomware with over 106 million.27

24. Between 2018 and 2022, the share of global malware attacks delivered via e-mail scaled from ~35% to ~85%.28

25. ~50% of organizations experienced information—stealing malware activity.29


Figure: Ransom infection by industry

Source: Zscaler30

25. The U.S. accounts for ~50% of the leak site data, followed by Canada and the U.K., each contributing 5%.31

26. The total amount of money collected from ransomware attackers in 2022 was USD 457 million, down from $766 million in 2021.32

27. 4,000 ransomware attacks occur each day.33

28. The FBI’s Internet Crime Complaint Center (IC3) reported 2,084 ransomware complaints, with $17 million in losses from in 2021.34

29. ~70% of organizations globally were affected by a ransomware attack as of 2023. This figure increased over the previous five years and was the highest reported.35

30. ~20% of attacks were ransomware in 2022.36

31. ~493 million ransomware attempts were detected globally in 2022.37

32. The cost of the breach for companies that did not pay the ransom was ~$4.5 million. The average cost difference was ~$0.66 million, or ~13%.38


Figure: Percentage of phishing attacks by industry39

33. ~30% of phishing attempts worldwide targeted financial institutions in the fourth quarter of 2022. Web-based software services and webmail were responsible for about ~20% of all attacks. Social media was next, accounting for almost ~10% of all reported phishing attacks.40

34. Phishing is the most common threat in the U.S., with 323,972 victims in 2021—a 34% increase over the previous year.41

35. Phishing breaches took the third longest for detection and prevention at 295 days.42

36. Almost every phishing attack asked for names (98%), email addresses (~75%), home locations (~65%), and passwords (~60%).43

37. ~60% of phishing cases observed were attachments and ~35% were links.44

38. ~60% of phishing attacks leveraged spear-phishing* attachments.45

*Spear-phishing is a sort of phishing assault that uses malicious emails to target certain individuals or groups.

5- Network security statistics savings and costs

39. The average savings is ~$1.8 million for organizations that use network security AI and automation compared to organizations that don’t.46

40. ~50% of companies plan on increasing security spending to reduce cyber threats, such as incident response (IR) planning and testing, staff training, and threat detection and response systems.47

41. Companies with high DevSecOps implementation saved ~$1.7 million compared to those with low or no implementation.48

6- Network security statistics by industry

Figure: The top five countries or regions with the highest average cost of a data breach in 2022.

Source: IBM49


42. Between October 2021 and September 2022, healthcare organizations experienced numerous cyber-attacks, with network and application anomalies accounting for almost 63% of them followed by malware attacks (22% ).50

Figure: Distribution of cyber attacks in the healthcare industry worldwide from October 2021 to September 2022, by type.

Source: Statista51

43. The healthcare sector has the highest data breach expenses of any industry, rising ~8% from ~$10 million in 2022 to ~$11 million in 2023.52

44. There were 11 documented healthcare data breaches of ~1 million records and 14 data breaches of ~500,000 records in the U.S. healthcare industry, in 2022. The vast majority of such breaches involved hacking, with many including ransomware or malicious software.53

45. The 10 most popular U.S. states have experienced the highest number of healthcare data breaches, with New York and California, leading the list with 68 and 52 recorded breaches in 2022.54

46. Hacking incidents dominated U.S. healthcare breach reports in 2022, with 555 of the 707 recorded breaches (~70%) classed as hacking/IT incidents.55

47. 5,882 hospitals in the U.S. have shown a significant decrease in data breaches by incorporating IT security into their operations and systems.56


48. 1,832 network security incidents, with 480 confirmed data disclosure occurred in 2023.57

49. ~75% of financial and cyber insurance attacks have leaked personal information.58

50. ~30% of financial services respondents experienced a data breach in their cloud-based systems in 2022.59

51. ~60% of the surveyed financial services organizations report “human error” as a source of cloud data breaches.60

52. ~45% of financial service organizations believe that data encryption is a perfect method for achieving multiple levels of digital sovereignty.61

53. A financial services employee has access to ~15% of all the files in the organization.62

54. 65% of financial service organizations experienced security violations when over 1,000 private records were widely accessible to all employees.63

55. A data breach in financial services takes an average of 233 days to detect and prevent.64

56. At ~$6 million, the average cost of a financial services data breach is among the highest in any industry.65


57. A pharmaceutical breach cost ~$4.8 million in fiscal year 2023, down from ~$5 million in fiscal year 2022.66

58. Malicious attacks (45%), human error (28%), and IT failure (27%) are the most typical causes of a pharma data breach.67

59. ~20% of pharma organizations consider poor network security hygiene and weak firewall policies as critical issues.68

60. ~80% of companies have critical encryption difficulties in 2023, a ~50% rise from last year.69


61. A third-party breach affected the top ten of the largest energy companies in the U.S.70

62. The average cost of a data breach in the energy industry was $4.72 million in 2022.71

63. 45% of experts, cyber incidents are the most concerned source of business disruption, surpassing natural disasters and energy concerns.72

64. ~20% of all cyberattacks are targeted against energy companies in North America.73


65. ~ 24% of all cyberattacks are targeted against retailers in North America.74

66. The cost of a data breach was $3.0 million in the retail industry in 2023.75

7- Future of network security

67. 30% of companies will use Zero-Trust network access (ZTNA) technologies by 2024 as part of their cyber security strategy.76

68. ~65% of organizations plan to adopt a SASE** (secure access service edge) platform during 2024.77

**A SASE (secure access service edge) paradigm integrates networking and security as a service features at the network edge (rather than a data center) into a single cloud-delivered service.

69. ~75% of leaders state that implementing network security orchestration, AI and automation improves agility and responsiveness.78

70. ~80% of organizations are sustaining or accelerating their cloud migration.79

71. ~75% of leaders are planning on implementing zero-trust architecture in the future, with ~15% of them already using the technology. 80

72. ~90% of IT professionals say the National Security Presidential Memorandum (NSPM) is a strategic investment to improve security agility.81

73. Computer network architect jobs in the U.S. are projected to rise by 4% between 2022 and 2032, according to government agencies.82

74. Computer programmer jobs in the U.S. are projected to decrease by ~10% between 2022 and 2032.83

8- Other statistics

75. The probability of a cybercrime entity being discovered and penalized in the U.S. is %0.5.84

76. Leaders gain more value from cloud services. Leaders who say they obtain 1.7x the benefit from the cloud surpass Hopefuls (cloud cyber (2.3x), cloud-native development (2.9x), containers (3.5x), augmented reality (AR)/virtual reality (VR) (5x), and blockchain (10x)).85

77.  ~60% of organizations have 500 or more passwords that never expire.86

78. Almost 2/3 of companies have 1,000+ high-value files available to every employee.87

79. The Federal Trade Commission received over 1.1 million inquiries of identity theft in 2022.88

80. In 2022, there were twice as many thread-hijacking attempts each month as in 2021.89

81. ~85% of respondents stated that third-party errors caused operations to be disrupted.90

82. ~40% of organizations are prioritizing cloud security.91

For guidance on choosing the right tool or service for your cybersecurity industry project, check out our data-driven lists of software-defined perimeter (SDP) software and zero trust networking software.

Further reading

Find the Right Vendors
Access Cem's 2 decades of B2B tech experience as a tech consultant, enterprise leader, startup entrepreneur & industry analyst. Leverage insights informing top Fortune 500 every month.
Cem Dilmegani
Principal Analyst
Follow on

Drafted by
Mert Palazoğlu
Cem Dilmegani
Principal Analyst

Cem has been the principal analyst at AIMultiple since 2017. AIMultiple informs hundreds of thousands of businesses (as per similarWeb) including 60% of Fortune 500 every month.

Cem's work has been cited by leading global publications including Business Insider, Forbes, Washington Post, global firms like Deloitte, HPE, NGOs like World Economic Forum and supranational organizations like European Commission. You can see more reputable companies and media that referenced AIMultiple.

Throughout his career, Cem served as a tech consultant, tech buyer and tech entrepreneur. He advised businesses on their enterprise software, automation, cloud, AI / ML and other technology related decisions at McKinsey & Company and Altman Solon for more than a decade. He also published a McKinsey report on digitalization.

He led technology strategy and procurement of a telco while reporting to the CEO. He has also led commercial growth of deep tech company Hypatos that reached a 7 digit annual recurring revenue and a 9 digit valuation from 0 within 2 years. Cem's work in Hypatos was covered by leading technology publications like TechCrunch and Business Insider.

Cem regularly speaks at international technology conferences. He graduated from Bogazici University as a computer engineer and holds an MBA from Columbia Business School.

To stay up-to-date on B2B tech & accelerate your enterprise:

Follow on

Next to Read


Your email address will not be published. All fields are required.