网络犯罪对美国公司的影响分析报告-培训课件外文版2024.4

DIGITAL

&

TRENDSTheimpactofcybercrimeoncompaniesintheUnitedStatesCHAPTER

01OverviewShareoforganizationsintheUnitesStatesthatareatriskofamaterialcyberattackaccordingtoCISOsfrom2021to2023U.S.companiesatriskofcyberattacksaccordingtoCISOs2021-2023Share

ofrespondents20212022202365%34%73%4Description:A2023surveyamongchiefinformationsecurityofficers(CISO)intheUnitedStatesshowedthatthreeinfourorganizationswereatriskofamaterialcyberattackinthefollowing12months.Bycomparison,thepreviousyear'ssurveyshowedthatonly34percentofinformationsecurityleaderswereconcernedabouttheircompanyexperiencingamaterialcyberattack.ReadmoreNote(s):UnitedStates;2021to2023;1,400respondents;ChiefInformationSecurityOfficers(CISO),riskinthefollowing12monthsSource(s):Censuswide;ProofpointBiggestconcernsofboardofdirectors(BOD)oforganizationsintheUnitedStatesregardingcybersecurityasofFebruary2023CommoncybersecurityconcernsofU.S.companyleaders2023Shareofrespondents0%5%10%15%20%25%30%35%40%45%43%50%ReputationaldamageSignificantdowntime39%LossofcurrentcustomersImpactonbusinessvaluationDisruptiontooperationsLossofrevenue38%38%33%29%5Description:Accordingtoa2023survey,about43percentofchiefinformationsecurityofficers(CISO)ofcompaniesintheUnitedStatesreportedthattheleadingcybersecurityconcernfortheboardofdirectors(BOD)wasthepossiblereputationaldamagefollowingacyberattack.Furthermore,approximately40percentofrespondentssaidsignificantdowntime,lossofcurrentcustomers,andanimpactonbusinessvaluationwerepossibleconsequencesofcyberattacksthattheboardofdirectors[...]

ReadmoreNote(s):UnitedStates;January30toFebruary7,2023;1,600respondents;ChiefInformationSecurityOfficers(CISOs)fromorganizationswithmorethan200employeesacrossdifferentindustriesin16countriesSource(s):Censuswide;ProofpointShareofCISOsincompaniesintheUnitedStatesinagreementthathumanerroristheirorganization'sbiggestcybervulnerabilityfrom2021to2023U.S.companyCISOswhobelievehumanerrorisbiggestcybervulnerability2023Shareofrespondents0%10%20%30%40%50%60%70%80%20212022202375%49%69%6Description:Accordingtoa2023survey,aboutsevenintenChiefInformationSecurityOfficers(CISOs)intheUnitedStatessaidhumanerroristheirorganization'smostsignificantcybervulnerability.Meanwhile,in2022,thissharewasaround50percent,downfrom75percentinthepreviousyear.ReadmoreNote(s):UnitedStates;January30toFebruary7,2023;1,600respondents;ChiefInformationSecurityOfficers(CISOs)fromorganizationswithmorethan200employeesacrossdifferentindustriesin16countriesSource(s):Censuswide;ProofpointMostcommonconsequencesofcyberattacksoncompaniesintheUnitedStatesasof2022ConsequencesofcyberattacksonU.S.companies2022Shareofrespondents0%

5%10%15%20%25%30%35%Disruptionofpartner/customeroperations31%31%Theftoffinancialinformation(eg.bankdetailsorpaymentcarddetails)Reputationaldamage(eg.badpublicity/disgruntledcustomers)Theftofcorporateinformation28%28%Disruptionofsupplychain24%23%Disruptionoftrading/businessoperationsLossofbusinessorcontract19%18%Theftofmoney7Description:Accordingtoa2022report,asurveyamongITdecision-makersintheUnitedStatesfoundthat31percentofrespondentsclaimedtohaveexperiencedpartnerorcustomeroperationsdisruption.ThesameshareofITleaderssaidthattheyhaveexperiencedtheftoffinancialinformation,suchasbankdetailsorpaymentcarddetails.Theftofmoneywasthecasefor18percentoftherespondents.ReadmoreNote(s):UnitedStates;2022;516respondents;amongITdecisionmakersSource(s):KeeperSecurity;SapioResearchCHAPTER

02CyberattacksAnnualnumberofcyberattacksintheUnitedStatesfrom2016to2022(inmillions)NumberofcyberattacksintheU.S.2016-20220.60.50.40.540.480.470.350.320.280.30.20.10.00.2520162017201820192020202120229Description:In2022,around480,000incidentsofcyberattackswerereportedintheUnitedStates.Thefigurehasgraduallyincreasedsince2016,whenapproximately250,000cyberattackswereregisterednationwide.Thenumbersawanuptickin2020,reaching540,000.ReadmoreNote(s):UnitedStates;2016to2022Source(s):FBI;IMF;TechnologyMarketInsightsMostcommontypesofcyberattacksexperiencedbycompaniesintheUnitedStatesin2022CyberattacksexperiencedbyU.S.companies2022Shareofattacks10%

15%0%5%20%25%30%35%40%45%45%50%NetworkintrusionBusinesse-mailcompromiseInadvertentdisclosure30%12%Intentionalaccess/disclosure5%Lost,stolen,orimproperlydisposeddevicesorrecordsSystemmisconfiguration/accessiblecloudassetAccounttakeover4%2%2%10Description:In2022,networkintrusionwasthemostcommontypeofcybercrimeattackexperiencedbycompaniesintheUnitedStates,accountingfor45percentofincidents.Businesse-mailcompromise(BEC)rankedsecond,with30percentofdatasecurityincidentsinU.S.companies.Afurther12percentofcompaniesreportedhavingencounteredinadvertentdisclosure.ReadmoreNote(s):UnitedStates;2022;cybersecurityincidentsSource(s):BakerHostetlerShareoforganizationsworldwidehitbyransomwareattacksin2022and2023,bycountryOrganizationshitbyransomwareattacks2022-2023,bycountryShareofrespondents2023

202240%0%10%20%30%50%60%70%80%90%84%84%SingaporeAustriaAustraliaSouthAfricaSwitzerlandSpainIndiaUnitedStatesBrazil65%50%80%70%78%51%75%75%60%71%73%78%68%68%48%55%66%GlobalAverageItaly66%65%64%61%France73%11Description:Onaverage,66percentoforganizationsworldwidewerevictimsofaransomwareattackbetweenMarch2022andMarch2023,accordingtoasurveyconductedamongcybersecurityleadersofworldwideorganizations.Singaporerankedfirstbytheransomwarerateincompanies,with84percentreportinghavingencounteredsuchanattackinthelast12months.CompaniesinSouthAfrica,Spain,andSwitzerlandfollowed,withupto78percentoftheorganizationsexperiencingransomware[...]

ReadmoreNote(s):Worldwide;2022and2023;5,600respondents;ITdecisionmakersandcybersecurityleadersSource(s):Sophos;VansonBourneNumberofphishingattackvictimsintheUnitedStatesfrom2018to2022U.S.numberofphishingvictims2018-2022350,000323,972300,497300,000250,000200,000150,000100,00050,0000241,342114,70226,3792018201920202021202212Description:In2022,over300thousandindividualsintheUnitedStatesreportedencounteringphishingattacks.Thisfigurehaddecreasedbysevenpercentcomparedtothepreviousyearwhenthenumberofphishingattacksnationwideamountedtoover320thousand.However,in2020and2019,thisnumberwasrelativelylow,around241thousandand114thousand,respectively.ReadmoreNote(s):UnitedStates;2018to2022;basedonthenumberofcasesreportedtoIC3Source(s):FBI;IC3Numberofbusinesse-mailcompromise(BEC)victimsintheUnitedStatesfrom2020to2022U.S.numberofBECvictims2020-202225,00021,83219,95419,36920,00015,00010,0005,000020202021202213Description:In2022,21,832individualsintheUnitedStatesreportedencounteringbusinesse-mailcompromise(BEC)scams.Thisfigurehasslightlyincreasedinthelastthreeyears,with19,369reportedvictimsin2020and19,954in2021.

ReadmoreNote(s):UnitedStates;2020to2022;basedoncasesreportedtoIC3Source(s):FBI;IC3Annualamountofmonetarylossofbusinesse-mailcompromise(BEC)victimsintheUnitedStatesfrom2020to2022(inbillionU.S.dollars)AnnualU.S.BECvictimsmonetaryloss2020-20223.02.742.42.52.01.51.00.50.01.8720202021202214Description:In2022,individualsintheUnitedStateslostover2.74billionU.S.dollarsinbusinesse-mailcompromise(BEC)scams.Thisfigurerepresentsanotableincreasesince2021whenthereportedlossestotaledapproximately2.4billionU.S.dollars.In2020,theamountofmoneylostinthistypeofcybercrimeintheU.S.amountedtoover7.4billionU.S.dollars.ReadmoreNote(s):UnitedStates;2020to2022;basedoncasesreportedtoIC3Source(s):FBI;IC3PrimarycauseofcyberattacksencounteredbycompaniesintheUnitedStatesin2022RootcauseofcyberattacksatU.S.companies2022Shareofattacks10%0%Rootcauseunknown5%15%20%25%30%26%25%PhishingOther(e.g.,Pixel,devicetheft,skimmers)Unpatchedvulnerability14%11%Socialengineering5%5%Otherhumanerror(e.g.,unintendedrecipient)Misconfiguration4%4%EmployeeabuseofaccessprivilegesOpenRDP3%3%Bruteforce/Credentialstuffing15Description:In2022,themostcommoncauseordeliveryofcyberattacksintheUnitedStateswasphishing,encounteredbyoneinfourcompaniesnationwide.Unpatchedvulnerabilitieswerethesecondmostcommonoriginofcyberattacks,with11percentoftheattacks.Socialengineeringandvarioustypesofhumanerrorwerealsolikelytocauseacyberattackintheexaminedyear.ReadmoreNote(s):UnitedStates;2022Source(s):BakerHostetlerCHAPTER

03DatabreachesMostsignificantdatabreachesintheUnitedStatesasofJanuary2024,byimpactBiggestdatabreachesintheU.S.2024,byimpactName

ofthe

organizationYahoo(2013-2016)ImpactOver3billionuseraccountsMicrosoft(Jan2021)30000U.S.companies(60000companiesworldwide)885millionfilerecordsFirstAmericanFinancialCorp.(May2019)Facebook(Apr2021)530millionusersLinkedIn(Apr2021)Over700millionuserrecordsJPMorganChase(Jun2014)HomeDepot(Apr2014)MySpace(Jun2013)76millionhouseholdsand7millionsmallbusinesses56millionpaymentcardnumbersand53millione-mailaddressesOver360millionaccountsFriendFinderNetworks(Nov2016)MariottInternational(Sep2018)412millionaccounts500millionguests17Description:AsofJanuary2024,themostsignificantdatabreachincidentintheUnitedStateswastheYahoodatabreachthatdatesbackto2013-2016.Impactingoverthreebilliononlineusers,thisincidentstillremainsoneofthemostsignificantdatabreachesworldwide.Thesecond-biggestcasewastheJanuary2021databreachatMicrosoft,involvingabout30thousandcompaniesintheUnitedStatesandaround60thousandcompaniesaroundtheworld.

ReadmoreNote(s):UnitedStates;January2024Source(s):UpGuardAnnualnumberofdatacompromisesandindividualsimpactedintheUnitedStatesfrom2005to2023NumberofdatacompromisesandimpactedindividualsinU.S.2005-2023DatacompromisesNumberofrecordsexposedinmillionsIndividualsimpactedinmillions3,5003,0002,5002,0001,5001,0005003,2052,541.072,227.851,825.411,8621,8021,5061,2791,1751,09936.61,108883.56783785656662614498471.23446447419422.14353.02321318.28310.12

298.08222.519815766.9169.1164.68127.791.98

85.6119.135.716.222.917.302005

2006

2007

2008

2009

2010

2011

2012

2013

2014

2015

2016

2017

2018

2019

2020

2021*

2022

202318Description:In2023,thenumberofdatacompromisesintheUnitedStatesstoodat3,205cases.Meanwhile,over353millionindividualswereaffectedinthesameyearbydatacompromises,includingdatabreaches,leakage,andexposure.Whilethesearethreedifferentevents,theyhaveonethingincommon.Asaresultofallthreeincidents,thesensitivedataisaccessedbyanunauthorizedthreatactor.ReadmoreNote(s):UnitedStates;2005to2023;datacompromisesincludedatabreaches,dataexposures,anddataleaks;individualsimpactedmaygobeyondtheUnitedStates;*Since2021,the"Numberofrecordsexposed"islistedas"Numberof[...]

ReadmoreSource(s):IdentityTheftResourceCenterNumberofrecordsexposedinonlinedatabreachesintheUnitedStatesfrom1stquarter2020to4thquarter2023(inmillions)U.S.numberofdatasetsaffectedindatabreachesQ12020-Q42023120100806040200114.0586.4775.537250.6350.2339.631.7515.368.498.16.976.745.032.392.32Q12020

Q22020

Q32020

Q42020

Q12021

Q22021

Q32021

Q42021

Q12022

Q22022

Q32022

Q42022

Q12023

Q22023

Q32023

Q4202319Description:Betweenthefirstquarterof2020andthefourthquarterof2023,thenumberofrecordsexposedindatabreachesintheUnitedStatesdecreasedsignificantly.Inthemostrecentmeasuredperiod,over31millionrecordswerereportedasleaked,upfromaroundeightmillioninthepreviousquarter.ReadmoreNote(s):UnitedStates;Q12020toQ42023Source(s):SurfSharkNumberofbreacheduseraccountsperthousandindividualsintheUnitedStatesfrom3rdquarter2022to3rdquarter2023DatabreachdensityintheU.S.Q32022-Q3202316014012010080148604026242016200Q32022Q42022Q12023Q22023Q3202320Description:DatabreachdensityintheUnitedStateshassignificantlyincreasedbetweenthethirdquarterof2022andthethirdquarterof2023.Inthethirdquarterof2022,thenumberofexposeddatapointsperthousandindividualsinthecountrywas26,whileitwentdownto24inthethirdquarterof2023.ReadmoreNote(s):UnitedStates;Q32022toQ32023;numberofbreacheddatasetsperthousandindividualsSource(s):SurfSharkNumberofdataviolationincidentsandindividualsimpactedintheUnitedStatesfrom1stquarter2021to4thquarter2023(inmillions)NumberofdatacompromisesandindividualsimpactedintheU.S.Q12021-Q42023CompromisesVictims41254479553212281662494433538835626768211352514411099590562530998051004986986677826966658764107203536Q12021Q22021Q32021Q42021Q12022Q22022Q32022Q42022Q12023Q22023Q32023Q42023354497445566404413473512442941733108921Description:Betweenthefirstquarterof2021andthefourthquarterof2023,thenumberofdatacompromisecasesintheUnitedStateshasincreasedsignificantly.Inthemeasuredperiod,thehighestnumberofdatacompromiseswasrecordedinthefourthquarterof2023,with1,089cases.Thiswasamassivespikefromthepreviousquarterwhen733suchcasesweredetected.Adifferentdynamicisseeninthenumberofindividualsimpactedbytheseincidents.Inthefourthquarterof2022,more[...]

ReadmoreNote(s):UnitedStates;Q12021toQ42023Source(s):IdentityTheftResourceCenterNumberofcasesofdataviolationduetocyberattacksintheUnitedStatesfrom2020to2023,byindustryPrivatedataviolationincidentsintheU.S.2020-2023,byindustry2020306138702021330279222184125792022343269249223100872023809HealthcareFinancialservicesManufacturingandutilitiesProfessionalservicesEducation7441444230817316710010511910145Technology67GovernmentNon-profit/NGORetail476674318672531024465TransportationHospitality2136173334Unknown41Other1723082508122Description:In2023,thehealthcareindustryintheUnitedStatesremainedthemosttargetedbycyberattacks,resultingindatacompromises.Comparedto2022,thenumberofdatacompromiseincidentsintheU.S.healthcareindustryincreasedmorethantwice.Thefinancialservicessectorrankedsecond,with744datacompromiseincidents,representingasignificantincrease,too.ReadmoreNote(s):UnitedStates;2020to2023Source(s):IdentityTheftResourceCenterAnnualnumberofcyberattacksresultingindatacompromisesintheUnitedStatesfrom2020to2023,bytypeU.S.numberofcyberattacksleadingtodataviolation2020-2023,bytype2023202246127670202153735714124202038315810450Phishing/Smishing/BECRansomware43824611814MalwareNon-SecuredCloudEnvironmentCredentialStuffingUnpatchedSoftwareFlawZeroAttackDayOther929181417-4311030826414261111613162NotSpecified138023657271595Total87823Description:Phishing,smishing,andbusinesse-mailcompromise(BEC)havebeenthemostwidespreadtypesofcyberattacksintheUnitedStates,resultingindatacompromises.In2023,theseattacksmadeuparound18percentofthetotalcyberattacksinthecountrythatledtoaviolationofpersonaldata.Ransomwareattacksrankedsecond,whilemalwarefollowed.Asignificantpartoftheexaminedattacks,58percent,wereunspecified.ReadmoreNote(s):UnitedStates;2020to2023Source(s):IdentityTheftResourceCenterAnnualnumberofdatacompromisesintheUnitedStatesfrom2015to2023NumberofdataviolationincidentsintheU.S.2015-20233,5003,0002,5002,0003,2051,8621,8021,5061,5001,00050001,27920191,17520181,09920161,10820207852015201720212022202324Description:In2023,therewere3205casesofdatacompromiseintheUnitedStates,comparedto785incidentsin2015.Between2019and2021,thenumberofꢀindividualsaffectedbytheseviolationshasbeendecreasinggradually.

ReadmoreNote(s):UnitedStates;2015to2023Source(s):IdentityTheftResourceCenterCHAPTER

04ImpactedindustriesIndustrysectorsmosttargetedbyransomwareattacksintheUnitedStatesin2023U.S.industriesmosttargetedbyransomware2023Numberofcomplaints100050150200250300HealthcareandpublichealthCriticalmanufacturingGovernmentfacilitiesInformationtechnologyFinancialservices249218156137122CommercialfacilitiesFoodandagricultureTransportation877544CommunicationsEnergy3230Chemical24EmergencyservicesWaterandwastewatersystemsDefenseindustrialbase98226Description:In2023,theU.S.InternetCrimeComplaintCenter(IC3)receivedapproximately250complaintsindicatingransomwareattacksinhealthcareorganizations.Thesecondmostvictimizedindustrysectorwascriticalmanufacturing.Governmentfacilitiesrankedthird,with156complaints.Financialservicesorganizationsfiled122complaintsduringtheexaminedyear.ReadmoreNote(s):UnitedStates;2023;numberofcomlaintsreceivedbyInternetCrimeComplaintCenter(IC3)Source(s):FBI;IC3MostcommontypesofransomwaretargetingcriticalinfrastructureintheUnitedStatesin2023U.S.commontypesofransomwaretargetingcriticalindustries2023200175180160140120100801009563604140200LOCKBITALPHV/BlackcCatAkiraRoyalBlackBasta27Description:In2023,175LOCKBITransomwareattacksintheUnitedStatestargetedcriticalinfrastructure.ALPHV/Blackcatransomwarewasbehind100cyberattacks,whileAkira,thethird-mostdetectedransomwarevariant,had95detections.

ReadmoreNote(s):UnitedStates;2023Source(s):IC3ImpactofransomwareattacksonhealthcareinstitutionsintheUnitedStatesin2022U.S.impactofransomwareonhealthcareinstitutions202260%56%53%50%40%30%20%10%0%47%37%28%LongerlengthofstaysAnincreaseinmortalityrateIncreaseinpatientstransferredordivertedtootherfacilitiesDelaysinproceduresandtests

Increaseincomplicationsfromresultedinpooroutcomes

medicalprocedures28/statistics/1411088/healthcare-ransomware-attack-impact-usA2022surveyofhealthcareexpertsintheUnitedStatesshowsthatoverhalfoftheorganizationshadsufferedanincreaseinmortalityrateduetoransomwareattacks.Ahighershareofinstitutionsreportedpatientshavingtostaylongerundercare.ReadmoreNote(s):UnitedStates;2022;13,455respondents;healthcareexpertsSource(s):Cynerio;PonemonInstitute;TechTargetNumberofransomwareattacksonU.S.healthcareorganizationsfrom2019to2023YTD,bystateRansomwareattackcountonU.S.healthcareorganizations2019-2023YTD,bystate2023

YTD20223202172020820194NewYorkCaliforniaMichiganFlorida664444332222281321147216582Texas105952PennsylvaniaMassachusettsIowa64136300101TennesseeVirginia12100240Arizona3430Illinois3431Oklahoma160029Description:From2019to2023,CaliforniahadthehighestnumberofransomwareattacksinhealthcareorganizationsintheUnitedStates.ThehighestnumberofransomwareattacksinthehealthsectorinCaliforniawasregisteredin2021,with13attacksintotal.Furthermore,betweenJanuaryandOctober2023,NewYorkandCaliforniaeachsawsixransomwareattacks.ReadmoreNote(s):UnitedStates;2019to2023YTDSource(s):Comparitech;USCensusBureauEstimatedcostofdowntimecausedbyransomwareattacksinU.S.healthcareorganizationsfrom2019to2023YTD(inbillionU.S.dollars)RansomwareattacksdowntimeestimatedcostU.S.healthcare2019-2023YTD2519.3201510516.214.79.48.9020192020202120222023YTD30Description:FromJanuarytoOctober2023,theestimatedcostofdowntimeinU.S.healthcareorganizationscausedbyransomwareattackswas14.7billionU.S.dollars.Inthepreviousyear,downtimeintheU.S.healthsectorcostaround16billionU.S.dollars,whilein2021,itwasoverninebillionU.S.dollars.ReadmoreNote(s):UnitedStates;2019to2023YTDSource(s):ComparitechAveragedowntimecausedbyransomwareattacksinU.S.healthcareorganizationsfrom2019to2023YTD,bynumberofdaysRansomwareattackscausedaveragedowntimeU.S.healthcare2019-2023YTD,bydays2018.711815.7116141210814.88136.74642020192020202120222023YTD31Description:FromJanuarytoOctober2023,theaveragedowntimeinU.S.healthcareorganizationscausedbyransomwareattackswas18.71days.Thisfigurerepresentsanincreasefromnearly16daysin2022andapproximatelysevendaysin2021.

ReadmoreNote(s):UnitedStates;2019to2023YTDSource(s):ComparitechAnnualnumberofdatacompromisesinthemanufacturingandutilitiesindustryintheUnitedStatesfrom2020to2023U.S.numberofdataviolationcasesinmanufacturingsector2020-202330025924925020015010050222700202020212022202332Description:In2023,therewere259casesofdatacompromiseinthemanufacturingandutilitiesindustryintheUnitedStates.Thisisasignificantincreasesince2020whenthenumberofpersonaldataviolationincidentsinthesectorwasonly70.Thecasesregisteredin2022ꢀimpacted23.9millionpeople.ReadmoreNote(s):UnitedStates;2020to2023;includespersonaldatabreaches,exposures,anddataleaksSource(s):IdentityTheftResourceCenterAnnualnumberofentitiesimpactedinsupplychaincyberattacksintheUnitedStatesfrom2017to2023U.S.numberofentitiesimpactedinsupplychaincyberattacks2017-20233,0002,5002,0001,5001,0002,7691,7436945215002321191010201720182019202020212022202333Description:In2023,supplychaincyberattacksintheUnitedStatesimpacted2769entities.Thisisthehighestreportednumbersince2017.Inthelastmeasuredyear,thenumberofaffectedentitieshasincreasedbyapproximately58percentyear-over-year.Theimpactedentitieshaveaccesstomultipleorganizations'data,whichrepresentsasignificantriskfororganizations.ReadmoreNote(s):UnitedStates;2017to2023;estimatedminimum,includespersonaldatabreaches,exposures,anddataleaksSource(s):IdentityTheftResourceCenterAnnualnumberofsupplychaincyberattacksintheUnitedStatesfrom2017to2023U.S.numberofsupplychainattacks2017-2023300250200150242115103100104848269500201720182019202020212022202334Description:In2023,therewere242claimedsupplychainattacksintheUnitedStates.Thisisthehighestreportednumbersince2017.Overall,supplychainattackssawayear-over-yearincreaseof115percentbetween2022and2023.

ReadmoreNote(s):UnitedStates;2017to2023;includespersonaldatabreaches,exposures,anddataleaksSource(s):IdentityTheftResourceCenterCHAPTER

05FinancialimpactEstimatedannualcostofcybercrimeintheUnitedStatesfrom2017to2028(inbillionU.S.dollars)AnnualcostofcybercrimeintheU.S.2017-20282,0001,8001,6001,4001,2001,0008001,8161,301904639.2600452.3400320220.12022153200010565.47201937.41201819.420172020202120232024*2025*2026*2027*2028*36Description:CybercrimecostsintheUnitedStatesreachedanestimated320billionU.S.dollarsasof2023.Between2017and2023,thisfigurehasseenasignificantincreaseofover300billionU.S.dollars.Accordingtothelatestestimates,thisdynamicwillcontinueinupcomingyears,reachingapproximately1.82trillionU.S.dollarsincybercrimecostsby2028.ReadmoreNote(s):UnitedStates;2017to2023;*Estimate.ReadmoreSource(s):TechnologyMarketInsightsAveragecostsofallcyberattacksintheUnitedStatesandEuropefrom2021to2023,bycountry(inthousandU.Sdollars)MediancostsofallcyberattacksintheU.SandEurope2021-2023,bycountryAveragecostinthousandU.Sdollars20232022202115051020253024.2UnitedKingdomGermany28141616212420UnitedStatesTheNetherlandsFrance191021.418181217179.6Ireland812.4Spain121218.7Belgium101237Description:Cyberattacksonbusinessesꢀarebecomingꢀmorefrequent,targeted,andcomplex.Theeffectsofacyberattackgowellbeyondthedirectfinancialconsequences.In2022,UnitedKingdomhadthehighestaveragecostofcyberattacks,at24.2thousandU.S.ꢀdollars.ReadmoreNote(s):Belgium,France,Germany,Ireland,Netherlands,Spain,UnitedKingdom,UnitedStates;January9toFebruary2,2023;5,005respondents;Basedonasurveyofexecutives,departmentalheads,ITmanagersandotherkeyprofessionalsSource(s):ForresterResearch;HiscoxAveragecostofadatabreachintheUnitedStatesfrom2006to2023(inmillionU.S.dollars)AveragecostperdatabreachintheUnitedStates2006-20231099.449.489.058.648.197.9187.357.247.016.756.66765432106.536.365.855.55.44.793.5420062007200820092010201120122013201420152016201720182019202020212022202338Description:Asof2023,theaveragecostofadatabreachintheUnitedStatesamountedto9.48millionU.S.dollars,upfrom9.44millionU.S.dollarsinthepreviousyear.Theglobalaveragecostperdatabreachwas4.45millionU.S.dollarsin2023.

ReadmoreNote(s):UnitedStates;2006to2023Source(s):IBM;PonemonInstituteMonetarylossofcompaniesintheU