October is Cybersecurity Awareness Month. Here are some haunting numbers…

1. The Cybersecurity & Infrastructure Agency (CISA) says ransomware attacks happen every 11 seconds.

That’s an increase in the US of 185% in the first six months of 2021 alone.

2. In 2021, it took an average of 212 days to detect a breach, 75 days to contain it.

IBM found that the total lifecycle of a cybersecurity breach is about 287 days, a whole week longer than was reported in 2020.

3. The average cost of ransomware remediation increased 143% in 2021 over 2020.

Sophos, a British security software company, found that when you take into consideration downtime, people time, device costs, network costs, lost income opportunities, and the actual ransom paid, the average cost to fix the impacts of a ransomware attack in 2021 is currently 1.85 million. That’s a jump up from $0.76 million in 2020.

4. Only 65% of data was restored after companies paid the ransom.

Sophos also found that even after an organization paid the ransom demanded by the cyber attackers, over one-third of their data was still inaccessible. Of those that paid ransom, 29% reported that 50% or less of their data was restored and only 8% got all their data back.

5. 67% of end users don’t really understand what “ransomware” is all about.

While news of ransomware attacks is increasingly appearing in the media, the average end user isn’t completely clear on what they actually are, how they happen, and how they as individuals can strive to prevent them. Most people have become aware of what “phishing” and “malware” are, but “ransomware” is still a relatively new term.

6. 70% of companies don’t address best security practices for remote workers.

Studies have found that when 82% of global businesses required or requested more than half of their employees switch to remote work, only about 30% of them received any relevant training regarding best remote work security practices.

7. 45% of end users say they did not change their passwords in the past year, even after a breach.

According to surveys conducted by a prominent password management software provider, most end users are aware that password security is important, but few actually care enough to change their behaviors using them. 92% say they know using the same password is risky, but 65% still do. There are many reasons for this, but chief among them is 68% are afraid or forgetting passwords and 52% want to maintain control of all their passwords.