Cybercrime has evolved from an emerging threat to a global crisis with staggering economic implications. Understanding the latest cybercrime statistics is essential for organizations and individuals to grasp the scope of digital threats and implement effective security measures. 

These statistics not only reveal the financial impact of cyber attacks but also highlight vulnerable sectors and emerging threat patterns that shape our collective digital safety landscape.

Global cybercrime costs are $9.22 trillion, projected to reach $13.82 trillion by 2028

The global economic impact of cybercrime has reached an unprecedented scale, with current costs totaling $9.22 trillion according to Statista. This figure represents a dramatic acceleration in cybercriminal activity and its associated damages across industries, governments, and individuals worldwide. The cybercrime industry continues its alarming growth trajectory, with experts projecting costs to surge to $13.82 trillion by 2028—a staggering 49.9% increase compared to 2024 levels.

This exponential growth reflects the increasing sophistication of threat actors, the expanding attack surface created by digital transformation initiatives, and the growing value of digital assets. As organizations continue to digitize their operations and more critical infrastructure becomes connected, cybercriminals are finding more lucrative targets and developing more effective methods of attack.

The average cost of a data breach was $4.88 million in 2024, a 10% increase from last year

According to IBM’s latest Cost of a Data Breach Report, the global average cost of a data breach has climbed to $4.88 million in 2024, marking a significant 10% increase from the previous year. This continues the upward trend observed since 2018, when the average cost was $3.86 million, with 2024 representing the highest figure recorded in this period.

This substantial rise can be attributed to several factors, with business disruption costs playing a major role. These include system downtime, which paralyzes operations; customer loss due to eroded trust; and reputation damage that can persist long after the breach is contained. Additionally, post-breach expenses have grown substantially, encompassing costs such as expanded call center staffing to handle customer inquiries, regulatory fines that have become more severe with stricter data protection laws, and credit monitoring services provided to affected customers. The combination of these factors has created a perfect storm that continues to drive breach costs higher year after year.

The United States led the world in average breach cost, $9.36 million

The United States has maintained its position as the region with the highest average data breach costs for the 14th consecutive year, with costs reaching USD 9.36 million in 2024. This figure far exceeds those of other regions in the study, though it represents a slight decrease from the $9.48 million recorded in 2023. 

Following the U.S. in the top five regions are:

  • The Middle East at $8.75 million (up from $8.07 million in 2023)
  • Benelux (a new addition to the rankings this year) at $5.90 million
  • Germany at $5.31 million (up from $4.67 million)
  • Italy at $4.73 million (up from $3.86 million).

Interestingly, the data reveals varying trends across regions. While countries like Canada and Japan saw their average breach costs decrease (Canada dropped from $5.13 million to $4.66 million, and Japan from $4.52 million to $4.19 million), others experienced notable increases. The Middle East and Italy, in particular, recorded significant cost increases, suggesting regional differences in cybersecurity maturity, regulatory environments, and threat landscapes.

The healthcare industry had the highest data breach costs in 2024, $9.77 million

The healthcare industry experienced some relief in 2024 as the average breach cost decreased by 10.6% to $9.77 million from the previous year’s figure of $10.93 million. Despite this decrease, healthcare remains the most expensive industry for data breaches, a position it has held consistently since 2011. 

Several factors contribute to healthcare’s vulnerability, including the high value of medical records on the black market, legacy systems that often lack modern security features, complex networks with numerous connected devices, and strict regulatory requirements that impose substantial penalties for breaches involving patient data.

The significant gap between healthcare and the financial sector, which ranks second with average breach costs of $6.08 million, underscores the unique challenges faced by healthcare organizations. The top five industries with the highest average breach costs in USD are:

  • Healthcare – $9.77 million
  • Financials – $6.08 million
  • Industrial – $5.56 million
  • Technology – $5.45 million
  • Energy – $5.26 million

Protecting patient data is more critical than ever: Average healthcare breach costs reach $9.77 million.

7 in 10 of the global reported cyberattacks were ransomware attacks, with more than 317 million attempts recorded

Ransomware continues to be one of the most pervasive and damaging cyber threats facing organizations globally. These attacks, which encrypt victims’ data and demand payment for its release, have the power to completely paralyze business operations, resulting in significant financial losses, operational disruptions, and lasting reputational damage. 

The sophistication of these attacks has evolved dramatically, with threat actors now employing double and triple extortion tactics that involve not just encrypting data, but also threatening to leak sensitive information or launch DDoS attacks if ransoms aren’t paid.

The scale of this threat is starkly illustrated by recent statistics: in 2023, approximately seven in ten (70.13%) of all reported cyberattacks worldwide were ransomware-related, with security researchers documenting over 317 million ransomware attempts globally. 

This overwhelming prevalence compared to other attack types—such as network breaches (18.83%), data extortion (7.14%), data exfiltration (1.3%), loader attacks (0.65%), and DDoS attacks (0.65%)—demonstrates that ransomware has become the preferred method for cybercriminals seeking to monetize their activities, with many operating as sophisticated businesses complete with customer service to facilitate ransom payments.

5.5 million people work in cybersecurity globally, with a 4.8 million workforce gap

The ISC2’s 2024 Cybersecurity Workforce study reveals that there are currently 5.5 million active cybersecurity professionals working globally to protect organizations from evolving threats. However, this figure is overshadowed by an alarming workforce gap of 4.8 million unfilled positions, indicating that nearly 47% of the global cybersecurity workforce demand remains unmet. This severe shortage impacts organizations’ ability to adequately staff security teams, implement comprehensive security measures, and respond effectively to incidents.

Comparing these figures to those from 2022 highlights a concerning trend. Two years ago, 4.7 million cybersecurity professionals were active globally, with an additional 3.4 million needed to meet demand. The current data shows that while the active workforce has grown by approximately 17%, the gap has expanded by a much more significant 22% over the same period. 

This widening disparity between supply and demand underscores the rapidly increasing need for cybersecurity expertise as digital transformation accelerates across industries and cyber threats grow more sophisticated and prevalent.

Conclusion

The cybercrime statistics presented in this report paint a concerning picture of the digital threat landscape in 2024. With global cybercrime costs soaring to $9.22 trillion and projected to reach nearly $14 trillion by 2028, the financial impact of these threats continues to intensify at an alarming rate. 

Data breaches are becoming increasingly costly, with the average breach now exceeding $4.88 million—a 10% year-over-year increase that shows no signs of slowing.

The dominance of ransomware, accounting for 70% of all reported cyberattacks, illustrates how threat actors have refined their tactics to maximize financial gains. Meanwhile, the critical shortage of cybersecurity professionals—with 4.8 million unfilled positions globally—undermines organizations’ ability to defend against these sophisticated threats. 

As we navigate this challenging landscape, businesses must prioritize cybersecurity investments, adopt robust security frameworks, and develop strategies to address the skills gap through training and automation. The statistics make one thing abundantly clear: in today’s digital economy, effective cybersecurity is not just a technical requirement but a fundamental business imperative.

SOURCES:

  • Global cybercrime costs are $9.22 trillion, projected to reach $13.82 trillion by 2028.(Statista)
  • The average cost of a data breach was $4.88 million in 2024, a 10% increase from last year.(IBM)
  • The United States led the world in average breach cost, $9.36 million. (Statista)
  • The Healthcare industry had the highest data breach costs in 2024, $9.77 million. (Statista)
  • 7 in 10 of the worldwide reported cyberattacks were ransomware attacks, with more than 317 million attempts recorded. (Statista)
  • 5.5 million people work in cybersecurity globally, with a 4.8 million workforce gap. (ISC2)