Virtualization Technology News and Information
Scary Security Stats: Roundup from 2022 Research


Each year, cybersecurity companies publish research reports on different aspects of cybersecurity and breach trends. Below is a list of some of the most alarming statistics from reports published throughout the year by various companies.

Veeam - 2022 Data Protection Trends Report

Key findings from the research revealed:

  • 76% of the organizations surveyed had at least one ransomware attack in 2021.
  • Of the organizations that reported a ransomware attack, 16% were attacked once in 2021 and 60% were attacked twice or more.
  • Recovering without paying the ransom: 19% of organizations reported that they were able to recover their data without paying, while 32% of those that did pay the ransom still could not recover their data.
  • The cost of a ransomware attack: organizations lost on average 36% of their data after a ransomware attack. According to IT leaders, the average downtime cost of an attack was roughly $1,467 per minute, and 39.9% of the organizations that paid a ransom paid more than $50,000.

++

Onapsis 
++

SecurityScorecard - The Fast and the Frivolous - Pacing Remediation of Internet-Facing Vulnerabilities 

  • 53% of organizations have at least one open vulnerability exposed to the internet, and 22% of those organizations have accumulated over 1,000 such vulnerabilities each.
  • It typically takes organizations about a year to remediate half of the vulnerabilities in their internet-facing infrastructure.
  • Finance has one of the slowest remediation rates (median 426 days), while Utilities rank among the fastest (median 270 days).
  • Despite a 15-fold increase in exploitation activity for vulnerabilities with published exploit code, there is little evidence that organizations fix exploited flaws faster.
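A "time to remediate half of the vulnerabilities" figure like the one above only means something if findings that are still open at the cutoff are counted; taking the median age of closed findings alone understates the half-life, because the slowest fixes are exactly the ones not yet closed. The following is an added example, not SecurityScorecard's code or method, that computes the half-life with a Kaplan-Meier estimator over constructed, hypothetical scanner records (the dates, the `AS_OF` cutoff and the record shape are all assumptions) and shows the naive median alongside it for comparison:

```python
from datetime import date
from itertools import groupby
from statistics import median

# Constructed, hypothetical scanner records: (first_seen, closed); closed=None means still open.
VULNS = [
    (date(2021, 1, 1), date(2021, 1, 31)),
    (date(2021, 1, 1), date(2021, 3, 2)),
    (date(2021, 2, 1), date(2021, 5, 2)),
    (date(2021, 2, 1), date(2021, 8, 1)),
    (date(2021, 3, 1), None),
    (date(2021, 6, 1), date(2022, 1, 1)),
    (date(2021, 6, 1), None),
    (date(2021, 9, 1), date(2022, 5, 1)),
    (date(2022, 1, 10), None),
    (date(2022, 3, 1), date(2022, 3, 11)),
]
AS_OF = date(2022, 6, 30)  # assumption: the day the scan data was exported


def observations(records, as_of):
    """(duration_days, remediated) per record; open findings are right-censored at as_of."""
    obs = []
    for first_seen, closed in records:
        end = closed if closed is not None else as_of
        obs.append(((end - first_seen).days, closed is not None))
    return sorted(obs)


def naive_median_days(records, as_of):
    """Median age of remediated findings only; ignores open ones and so understates the half-life."""
    return median(days for days, remediated in observations(records, as_of) if remediated)


def km_half_life_days(records, as_of):
    """Smallest duration t at which the Kaplan-Meier survival estimate S(t) falls to 0.5 or below,
    i.e. the estimated time by which half of all findings (open ones included) are remediated.
    Returns None if fewer than half are estimated remediated by the censoring date."""
    obs = observations(records, as_of)
    at_risk = len(obs)
    survival = 1.0
    for t, group in groupby(obs, key=lambda o: o[0]):
        group = list(group)
        events = sum(1 for _, remediated in group if remediated)
        if events:
            survival *= 1.0 - events / at_risk  # conditional probability of surviving past t
            if survival <= 0.5:
                return t
        at_risk -= len(group)  # remediated and censored findings both leave the risk set after t
    return None


def fraction_open(records, as_of):
    """Share of findings still open at the censoring date."""
    obs = observations(records, as_of)
    return sum(1 for _, remediated in obs if not remediated) / len(obs)


if __name__ == "__main__":
    print("naive median (closed only):", naive_median_days(VULNS, AS_OF), "days")
    print("Kaplan-Meier half-life:    ", km_half_life_days(VULNS, AS_OF), "days")
    print("still open at cutoff:      ", f"{fraction_open(VULNS, AS_OF):.0%}")
```

On the constructed records the closed-only median is 90 days while the censoring-aware half-life is 181 days; run the same two functions over a real scanner export and the gap is the measure of how much the open backlog is hiding. Grouping remediation dates by business unit or asset owner before calling `km_half_life_days` gives the per-sector comparison the report draws.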
++

Skybox Security - 2022 Vulnerability and Threat Trends Report 

  • There were 20,175 new vulnerabilities published in 2021, up from 18,341 in 2020. That's the most vulnerabilities ever reported in a single year, and it's the biggest year-over-year increase since 2018. 
  • The number of new vulnerabilities exploited in the wild rose by 24% in 2021. 
  • Vulnerabilities in operational technology jumped 88% from 2020 to 2021. 
  • The malware industry continues to churn out a wide array of malicious software: cryptojacking and ransomware programs increased by 75% and 42% respectively in 2021.

++

Cequence Security - API Protection Report - First Half 2022 

  • 31% of malicious transactions (approximately 5 billion) targeted unknown, unmanaged and unprotected APIs, commonly referred to as shadow APIs, making this the top threat challenging the industry. The second largest API security threat mitigated during the first half of 2022 was API abuse, meaning attackers targeting properly coded and inventoried APIs.
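The practical counterpart to the shadow-API figure is an inventory diff: endpoints that appear in gateway or load-balancer traffic but not in the documented API catalogue. The following is an added example, not Cequence's code or product, that does that diff over constructed access-log lines against a small OpenAPI-style inventory; the service paths, the log lines and the inventory are all made up for illustration:

```python
import re
from collections import Counter

# Documented API inventory (OpenAPI-style path templates) for a hypothetical service; constructed.
INVENTORY = [
    ("GET", "/v1/users/{id}"),
    ("POST", "/v1/orders"),
    ("GET", "/v1/orders/{id}"),
]

# Constructed gateway access-log lines (combined-log format); not real traffic.
ACCESS_LOG = """\
10.0.0.5 - - [01/Jun/2022:10:00:01 +0000] "GET /v1/users/42 HTTP/1.1" 200 512
10.0.0.5 - - [01/Jun/2022:10:00:02 +0000] "GET /v1/users/42/export HTTP/1.1" 200 90210
10.0.0.9 - - [01/Jun/2022:10:00:03 +0000] "POST /v1/orders HTTP/1.1" 201 77
10.0.0.9 - - [01/Jun/2022:10:00:04 +0000] "GET /v0/admin/debug?dump=1 HTTP/1.1" 200 4096
10.0.0.9 - - [01/Jun/2022:10:00:05 +0000] "GET /v0/admin/debug HTTP/1.1" 200 4096
10.0.0.7 - - [01/Jun/2022:10:00:06 +0000] "DELETE /v1/orders/7 HTTP/1.1" 204 0
"""

REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<path>[^ ?"]+)(?:\?[^ "]*)? HTTP/')
ID_SEGMENT_RE = re.compile(r"\d+|[0-9a-fA-F-]{32,36}")


def compile_template(template):
    """Turn '/v1/users/{id}' into a regex where each {param} matches exactly one path segment."""
    literal_parts = re.split(r"\{[^/}]+\}", template)
    return re.compile("^" + "[^/]+".join(re.escape(p) for p in literal_parts) + "$")


def generalize(path):
    """Collapse numeric/UUID-looking segments to {id} so one endpoint is counted once."""
    return "/".join("{id}" if ID_SEGMENT_RE.fullmatch(seg) else seg for seg in path.split("/"))


def find_shadow_apis(log_text, inventory):
    """Return a Counter of (method, generalized path) seen in traffic but absent from the inventory.
    A documented path hit with an undocumented method is reported as well."""
    compiled = [(method, compile_template(template)) for method, template in inventory]
    shadow = Counter()
    for line in log_text.splitlines():
        m = REQUEST_RE.search(line)
        if not m:
            continue  # not a request line we understand; skip rather than guess
        method, path = m.group("method"), m.group("path")  # query string is dropped
        if any(method == doc_method and rx.match(path) for doc_method, rx in compiled):
            continue  # documented endpoint, documented method
        shadow[(method, generalize(path))] += 1
    return shadow


if __name__ == "__main__":
    for (method, path), hits in find_shadow_apis(ACCESS_LOG, INVENTORY).most_common():
        print(f"{hits:4d}  {method:6s} {path}")
```

On the constructed log this surfaces a leftover `/v0/admin/debug` route, an undocumented `/export` sub-resource and a `DELETE` on a path that the catalogue only documents for `GET`. Feed it a day of real gateway logs and the generated inventory of your OpenAPI documents, and anything it returns is either a documentation gap or an endpoint nobody is protecting.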
++
 
  • Business owners are concerned about potential cybersecurity incidents: four in ten (39%) SMBs would perceive a cyberattack as a crisis if it hit their business, behind only a dramatic fall in sales (51%) and a natural disaster (40%). A cybersecurity incident is also the second most challenging type of crisis for SMB leaders (13%), exceeded only by a dramatic fall in sales (18%).
  • Cyber-resilience must keep pace with growth and development: with 8% of very small organizations (one to eight employees) and 30% of mid-size firms (500 to 999 employees) reporting that they have faced a cyber-incident, the probability of facing cyberattacks rises as companies grow.
  • SMBs value cybersecurity investment: the majority of small businesses place value in cyber-resilience and security. 36% are more likely to cut advertising budgets than IT or cybersecurity, while just 13% would consider cutting cybersecurity costs in a crisis.
  • But confidence in IT stability is low: if hit by a crisis, companies need to rely on IT functions to keep transactions moving, customer data secure and suppliers connected with the business. However, just 31% of business managers or owners are confident they could keep their IT and information security functions stable if they had to cut IT costs.
  • Some cost-cutting measures taken in a crisis can introduce additional cybersecurity risk: after staff reductions, companies may not have kept access restrictions for existing, new or former employees up to date. Of those surveyed, just over half could guarantee that ex-employees cannot access company data via cloud services (51%) or corporate accounts (53%). When it comes to reducing IT costs, 15% of respondents would be willing to use pirated software.
++

Veritas Technologies - Research: Kubernetes an Achilles Heel in Defense Against Ransomware Attacks

  • Veritas' research reveals that Kubernetes is being rapidly deployed into mission-critical environments in organizations around the world, with 86% of organizations expecting to deploy the technology in the next two to three years and one-third already relying on it today. However, only 33% of organizations that have already deployed Kubernetes have tools in place to protect their data against threats such as ransomware.
  • Nearly half (48%) of organizations that have deployed Kubernetes have already experienced a ransomware attack on their containerized environments, while a staggering 89% of respondents said that ransomware attacks on Kubernetes environments are an issue for their organizations today.
  • Organizations are missing the opportunity to deliver rapid protection to these at-risk data sets by failing to extend their existing data protection from their traditional workloads out across their containerized environments. Just 40% of organizations are currently following this model, while the rest are complicating their protection environments with standalone products for some or all of their Kubernetes protection. They are doing this even though 99% of respondents believe there would be benefits to taking an integrated approach. This could be because nearly half (44%) of respondents said that they know little or nothing about solutions that could protect data across traditional, virtual and Kubernetes environments. 
++
 
 
The Beyond Big Data report by Ocient uncovers key trends in how organizations are managing the shift from big-data volumes toward ingesting, storing and analyzing hyperscale data sets (trillions of data records), and the technical requirements and business results they expect from that shift.
  • Data workloads are getting bigger, faster and more complex: 97% of technology leaders indicated that the volume of data managed by their organization will grow fast to very fast over the next one to five years.
  • It can get very costly: given the high expected rate of growth, 95% of respondents plan to spend more on data analytics infrastructure, with more than 55% planning to invest "a lot more". 76% of respondents already spend 20% or more of their IT budgets on data analytics-related solutions.
  • Security and compliance are among the top concerns: when asked about their biggest data analysis pain points today, security and risk ranked #1 among C-level respondents (68%), with metadata and governance (41%) and slow data ingestion (31%) the next two concerns.
++

Coalfire:

  • Software supply chain risk is now mainstream: more than half (52%) of respondents to a recent Coalfire study are "very" or "extremely" concerned about software supply chain risks.
  • The same supply chain survey found that 59% of software development companies' customers have experienced purchase delays of up to three months due to concerns about code provenance.
  • Financial services organizations struggle to secure mobile apps: within Coalfire's application risk data for financial services, the high-risk share was a low 8%, but NowSecure found a high-risk rate of 37% for mobile apps, meaning mobile apps performed much worse than web or desktop apps.
  • Training gaps threaten FedRAMP Authority to Operate: Coalfire's 2022 Pen Risk study found that, while overall social engineering results show improvement, a lack of training, particularly around social engineering, accounts for 41% of all FedRAMP vulnerabilities, 216% higher than in 2020.
  • According to Sophos, the average dwell time for ransomware is 15 days, an increase of 36% compared with 2021.
++
 
  • According to the Verizon Data Breach Investigations Report (DBIR):
    • The human element continues to drive breaches: this year 82% of breaches involved the human element.
    • Ransomware's heyday continues; it is present in almost 70% of malware breaches this year, and the 13% increase in ransomware breaches is more than in the last five years combined.
    • The Social Engineering pattern is dominated by phishing (~70%).
++
 
 
Socotra recently commissioned a study to determine the real business cost of time-to-market delays. The report found that by replacing legacy systems with newer, more agile ones, companies could avoid these outcomes:
  • Insurers forfeiting millions of dollars in new premiums due to delays common with incumbent systems.
  • Losing months or even years on a new product launch by relying on legacy systems rather than cloud-agile systems.
  • Establishing speed-to-market technology for new products brought financial results 40x the cost of implementing that technology.
  • Insurers that use incumbent systems instead of cloud-agile technology to launch products could be leaving as much as $25 million on the table by dragging their feet on innovation.
++

Zerify - Zerify Survey

Zerify Survey indicates video conferencing security is a growing concern amid increasing cyber threats and fear of nation-state attacks

  • Nation-state cyber threats have increased at most (81.8%) companies.
  • The majority of IT professionals (89%) are concerned about foreign attacks as they see a rise in threats.
  • 69% of IT professionals believe cyber attackers could breach their video conferencing platforms, and 84% stated that if they were breached, they believe attackers could steal intellectual property, sensitive company data and trade secrets.
  • 97% of IT professionals said they were concerned about protecting privacy and video conferencing data.
  • 92% of IT professionals reported that they are aware of security vulnerabilities in video conferencing platforms.
++ 

Axway - Global Consumer Survey

Axway polled 5,074 adults in the United Kingdom, Brazil, Germany, France and the United States on open banking and finance, healthcare, general technology, and security and privacy.

  • Convenience is still a major factor in consumer behavior: 60% of people globally believe it is worth allowing companies to access their personal data if it means a better user experience.
    • One way people prioritize convenience: nearly three-quarters (73%) globally sometimes use their Facebook or Google account to log into other apps to avoid creating new logins.
  • Consumers want privacy, control over their data and greater transparency: 90% of respondents globally wish they knew what specific data companies have collected about them, and many are concerned that their online data may not be secure.
    • 85% of people are concerned that their online data may not be secure, although this varies by country: 57% of Brazilians and 42% of Americans say they are "very concerned" that their online data may not be secure, compared with only 27% of British, 27% of French and 21% of German respondents.

++

Vaultree - IBM Security Cost of Data Breach 2022 report

Now in its 17th year, IBM Security's 2022 Cost of a Data Breach report shares the latest insights into the expanding threat landscape and offers recommendations for how to save time and limit losses.

  • The average cost of a breach in the United States is $9.44 million, the highest of any country, with healthcare one of the most profoundly impacted sectors.
  • The average cost of a breach in healthcare increased by nearly USD 1 million to reach $10.10 million.
  • Healthcare has been the most expensive industry for breach costs for 12 years running, with costs up 41.6% since the 2020 report.
  • "The truth is, scary stuff happens and all the tools in the world won't stop it. Cybercriminals advance and so do the good guys, but breaches and leaks will happen either way. Given that, it is imperative that the sensitive data is protected so that when data is stolen, there is NO BREACH of the data," said Tilo Weigandt, Co-Founder & COO of Vaultree, an encryption technology company. "This is where Vaultree's fully functional data-in-use encryption solution is helping companies, allowing IT leaders to focus on their daily (security) business without having to constantly worry about any data being exposed."

++

Mendix - 2022 State of Low-Code report

Mendix unveiled new data from its "2022 State of Low-Code in Key Verticals" survey, which shows: 

  • 12% of companies said that without a technological leap they would have shut down during the pandemic, lost customers, suffered reputational damage, raised prices, lost revenue or let staff go.
  • 79% of organizations choose quick solutions over data security. However, 35% now consider managing app-security issues to be one of low-code's main benefits.
  • The public sector still relies heavily on spreadsheets despite the increasingly digital nature of modern society: 1 in 10 public sector leaders say their supporting software cannot keep up, and federal, state and local governments are using massive spreadsheets to manage information even though they are hard to maintain, lack versioning and are out of date.

++

Sumsub - Identity Fraud in Brazil 2022

Sumsub gathered statistics from the Brazilian market, and the findings should give businesses operating in Brazil a clear understanding of local fraud risks and how to deal with them:

  • Sumsub detected and prevented over 50,000 fraud attempts per month across 19 industries.
  • Looking closer at Brazilian ID documents, the study found that passports are the most forged documents. The vast majority (87.5%) of faked Brazilian IDs are simple printouts, highlighting the high share of non-professional fraud attempts in the country.
  • When attempting to bypass verification, fraudsters used desktop (web) sessions more often than mobile ones: 0.8% of total web sessions were marked as fraudulent attempts, compared with 0.5% of mobile sessions. Fraudsters do not appear to prefer either Android or iOS.

++

Digibee - State of Enterprise Integration

New research reveals that the majority of IT leaders say enterprise integration is a business imperative - but only 7% have an established strategy.  Among the report findings:

  • Most business leaders (57%) believe an enterprise integration strategy is critical to their organization, while 61% of CIOs and more than half of system architects and developers said a standardized, enterprise integration strategy is a top priority.
  • However, only 7% of respondents have succeeded in implementing an enterprise integration strategy, while 93% of decision-makers admit they have no formal integration strategy in place.
  • More than half of CIOs and 45% of system architects and developers said in the past 12 months they had to rebuild integrations for existing key business applications six to 10 times, while 98% of respondents have rebuilt integrations for existing key business applications in the past 12 months. 
++

Intel 471

In 2022, Intel 471 found that:

  • Malicious applications appear on the official Google Play app market and get tens of thousands of downloads. For example, a dropper for the Coper banking trojan named "Your Docs Scanner" was downloaded more than 10,000 times from the Google Play store by mid-September 2022 and quickly ranked at the top of the "Tools" category in Canada (Intel 471 Malware Campaign Report, case study of an Android banking trojan botnet: the Coper malware).
  • Of the 105 CVEs Intel 471 reported in the third quarter of 2022, 72% were weaponized, 17% were productized and 64% had code available (Intel 471 Intelligence Bulletin, Q3 2022 vulnerabilities: insight into risk levels, underground discussions).
  • Ransomware blogs offering compromised data continue to make up the majority of breach events each month. Specifically, in May 2022, ransomware variants accounted for the highest percentage of breach events yet, 80.5% (Intel 471 Threat Brief, The 471 Cyber Threat Report: 2022-2023 trends, predictions).
  • Since the beginning of 2022, Intel 471 observed 25 information stealer offers in the underground, a 150% increase from the 10 offered in the same period of 2021. This increased frequency indicates strong demand and a high degree of success for cybercriminals leveraging information stealers (Intel 471 Threat Brief, The 471 Cyber Threat Report: 2022-2023 trends, predictions).

++

Blumira - State of Detection and Response Report

  • Identity-based attacks and living off the land (LotL) behaviors were the top threats organizations faced in 2021. Identity-driven techniques accounted for three of Blumira's top five findings, or 60%.
  • Attempts to authenticate to a honeypot (a fake login page designed to lure attackers) was Blumira's #1 finding of 2021.

++

Keeper Security -  US Password Practices Report

  • 56% of respondents use the same password for multiple sites or apps, and on average respondents reuse the same password across four different sites or apps.
  • 55% of respondents have been the victim of a cyberattack at least once, with almost a fifth (18%) saying money was stolen as a result.

++

Tigera - The State of Cloud-Native Security 2022

This report recorded the rise in cloud-native development while identifying barriers and areas where organizations need support as they start or continue their cloud-native journey. Here are a few key statistics:

  • 97% of companies reported observability challenges with cloud-native applications.
  • 96% of companies said that cloud-native application challenges are leading to slower deployment cycles, with 67% naming security as the top challenge.

Cloud-native and container compliance requirements drove delays and challenges for organizations; here's what Tigera found:

  • 87% of companies said meeting compliance requirements is critical for their company, and 84% of respondents said that meeting compliance requirements for cloud-native applications is challenging.
++
IDSA (Source: 2022 Trends in Securing Digital Identities)
  • While identity security investments have become a focal point, basic security practices such as MFA, de-provisioning and privileged access reviews are still lacking: an overwhelming 84% of organizations have experienced an identity-related breach in the past year.
  • 78% of these organizations cited a direct business impact as a result of an identity-related breach.
  • Additionally, 96% reported that they could have prevented or minimized the breach by implementing identity-focused security outcomes, with 43% believing that implementing MFA alone would have made a difference.

++

Wallarm (Source: Q2-2022 API Vulnerability & Exploit Report)
  • Building on Gartner's prediction that "by 2022, API abuses will move from an infrequent to the most frequent attack vector, resulting in data breaches for enterprise web applications," the Wallarm research team reviewed and analyzed Q2 API vulnerabilities and exploits.
  • They found that in Q2 alone, reported API-specific vulnerabilities increased by 268% (roughly two per day), with 57% of them rated Critical or High.
  • Injections (OWASP A03 / API8) emerged as the highest risk for APIs, ahead of BOLA on every metric (number of discovered issues, exploitability and severity).
  • Additionally, 33% of all reported API vulnerabilities were exploited quickly, with PoCs published within a median of 2.5 weeks.

++

OPSWAT (Source: State of Malware Analysis: 2022 Report)
  • Malware analysis has become a critical business process for proactively consuming threat intelligence and staying ahead of attackers by better understanding adversaries and hunting for threats.
  • Despite malware analysis maturing as a critical business process (48% of organizations have a dedicated malware analysis function), an overwhelming 93% of organizations are challenged by it.
  • The top malware analysis challenges stem from tedious manual processes: lack of automation (58%), lack of integration (56%) and lack of team experience with the tools (45%). These result in poor data outcomes and an inefficient process that can create a bottleneck.
  • Most alarmingly, only 3% of organizations are able to fully investigate and resolve malicious files through malware analysis, and only one in five (22%) are able to resolve less than half of their malicious files.

++

Axio (Source: 2022 State of Ransomware Preparedness Report)
  • In 2022, ransomware preparedness significantly lagged behind the rapid rise and evolution of ransomware attacks. Specifically, a lack of basic cybersecurity practices continues to undermine organizational attempts to improve ransomware defenses: only 30% of organizations have a ransomware-specific playbook for incident management in place.
  • Insufficient progress has been made to implement foundational cybersecurity practices: Only 33% of organizations have a privileged access management solution.
  • Management of supply chain risk is far behind the rapid expansion of the threat surface: Only 40% of organizations monitor third-party access, evaluate third-party security posture, and limit third-party software use.
  • Incident management has not matured to address ransomware head on: critical vulnerability patching within 24 hours is reported by only 24% of organizations, and 60% of organizations still do not provide active phishing training.

++

Prevalent (Source: 2022 Third-Party Risk Management Study)
  • While organizations are starting to adopt Third-Party Risk Management (TPRM) programs to address new and emerging non-IT risks, these programs have a long way to go: only 40% of organizations are focused on managing both IT and non-IT vendor risks.
  • Furthermore, 45% of respondents reported that they experienced a security incident in the last year - up from 21% in 2021 - but 8% of companies still don't have a third-party incident response program in place, while 23% take a passive approach to third-party incident response.
  • TPRM is becoming more strategic but manual processes are still holding organizations back, with 45% reporting that they use spreadsheets to assess their third parties.
  • These manual processes add unnecessary complexity and time to third-party risk audits, with 32% of respondents saying it takes more than a month - more than 90 days in some cases - to produce reporting and evidence required to meet regulatory audits.

++

Radiant Logic (Source: Identity Data Management: Roadblock or Business Enabler?)
  • An alarming 67% of organizations know they have identity sprawl, but don't know how to fully address it.
  • While 58% rated identity management of vital importance, 61% stated that their organization views identity management as too time-intensive and costly to effectively manage.
  • Respondents reported the most common negative impacts as increased technical debt (66%) and negative productivity and morale (64%) among employees.
  • IT leaders face continued employee frustration and productivity challenges, yet they must contend with on-going budget constraints: 71% don't have a budget allocated to move identity-based projects forward.

++

SecureAuth (Source: Securing the Identity Perimeter with Defense in Depth)
  • With ransomware attacks typically identity-related, organizations are recognizing that protecting identities is a primary cybersecurity concern. Passwords are the weak link, yet despite all known identity risks and the protection afforded by MFA, 32% of organizations make MFA optional for employees and 27% make it optional for their third-party workforce.
  • External attacks such as ransomware and malware tend to garner more attention, but 36% of organizations have suffered attacks from insiders and external parties leveraging over-permissioned and underutilized identities (forgotten, inactive or unused accounts, service accounts and third-party accounts).
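The SMB survey above (ex-employees who can still reach cloud services and corporate accounts), the IDSA findings (MFA and de-provisioning still lacking) and the SecureAuth findings here all describe the same review that rarely gets run: join the directory with HR status and last-login data and flag what should not still be enabled. The following is an added example, not SecureAuth's, IDSA's or any vendor's code, that runs that review over a constructed directory export; the account records, the 90-day inactivity threshold, the review date and the privileged-role names are all assumptions for illustration:

```python
from datetime import date, timedelta

REVIEW_DATE = date(2022, 10, 31)  # assumption: the day the review is run
INACTIVE_AFTER_DAYS = 90          # assumption: policy threshold for "unused"
PRIVILEGED_ROLES = {"global_admin", "domain_admin"}  # assumption: roles treated as privileged

# Constructed directory export joined with HR status; hypothetical accounts, not real data.
ACCOUNTS = [
    {"user": "alice", "type": "employee", "enabled": True, "mfa_enforced": True,
     "last_login": date(2022, 10, 28), "roles": ["dev"], "hr_status": "active"},
    {"user": "bob", "type": "employee", "enabled": True, "mfa_enforced": False,
     "last_login": date(2022, 10, 20), "roles": ["dev"], "hr_status": "active"},
    {"user": "carol", "type": "employee", "enabled": True, "mfa_enforced": True,
     "last_login": date(2022, 6, 1), "roles": ["finance"], "hr_status": "terminated"},
    {"user": "dan-contractor", "type": "third_party", "enabled": True, "mfa_enforced": False,
     "last_login": date(2022, 5, 2), "roles": ["support"], "hr_status": "active"},
    {"user": "svc-backup", "type": "service", "enabled": True, "mfa_enforced": False,
     "last_login": None, "roles": ["global_admin"], "hr_status": None},
    {"user": "erin", "type": "employee", "enabled": False, "mfa_enforced": True,
     "last_login": date(2022, 1, 1), "roles": [], "hr_status": "terminated"},
]


def review_identities(accounts, review_date=REVIEW_DATE, inactive_after_days=INACTIVE_AFTER_DAYS):
    """Return sorted (user, finding) pairs for enabled accounts that violate basic identity hygiene."""
    cutoff = review_date - timedelta(days=inactive_after_days)
    findings = []
    for a in accounts:
        if not a["enabled"]:
            continue  # already disabled: nothing to flag
        last = a["last_login"]
        inactive = last is None or last < cutoff
        if a["hr_status"] == "terminated":
            findings.append((a["user"], "deprovision_gap"))    # leaver still enabled
        if a["type"] in ("employee", "third_party") and not a["mfa_enforced"]:
            findings.append((a["user"], "mfa_optional"))       # human account without MFA
        if inactive:
            findings.append((a["user"], "inactive"))           # unused account
        if inactive and PRIVILEGED_ROLES.intersection(a["roles"]):
            findings.append((a["user"], "unused_privileged"))  # dormant admin, top of the queue
    return sorted(findings)


def summarize(findings):
    """Count findings by type for reporting."""
    counts = {}
    for _, kind in findings:
        counts[kind] = counts.get(kind, 0) + 1
    return counts


if __name__ == "__main__":
    found = review_identities(ACCOUNTS)
    for user, kind in found:
        print(f"{kind:18s} {user}")
    print(summarize(found))
```

Service accounts are deliberately exempt from the MFA check (they cannot complete an interactive challenge) but not from the dormancy checks, which is where the "forgotten service account with admin rights" case in the SecureAuth finding shows up. The same loop works unchanged over a real export as long as each row carries an enabled flag, a last-login timestamp, a role list and an HR status; the join with HR is the part most organizations are missing.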
++
 
Acronis - Mid-Year Cyberthreats Report
 
The use of phishing, malicious emails and websites, and malware continues to grow.
  • Six hundred malicious email campaigns made their way across the internet in the first half of 2022.
  • 58% of those emails were phishing attempts.
  • Another 28% featured malware.
  • The business world is increasingly distributed, and in Q2 2022 an average of 8.3% of endpoints tried to access malicious URLs.
  • Cyberattacks have contributed to a loss of more than $60 billion in DeFi currency since 2012.
  • $44 billion of that vanished during the last 12 months.
  • In 2021 alone, the FBI attributed a total loss of $2.4 billion to business email compromise (BEC).
  • Cyberattacks caused more than one-third (36%) of downtime in 2021.
Published Monday, October 31, 2022 7:30 AM by David Marshall