As organisations everywhere edge their way towards 2022, we close off 2021 by taking a look at 21 highlighted statistics shared within the industry during the past 12 months, which we feel round up the year and give context to the current state of cyber security across the globe.

  1. The average total cost of a data breach is now $4.24m, a 10% increase from 2020 to 2021. (2)

  2. Over 80% of breaches are discovered by external parties. (1)

  3. 36% of breaches involve phishing. (1)

  4. 85% of breaches involved the human element. (1)

  5. 20% of breaches are initially caused by compromised credentials. (2)

  6. 287 days is the average time to identify and contain a breach. (2)

  7. $2.46m is the average cost saving with incident response (IR) teams and IR testing. (2)

  8. $3.81m is the saving in data breach costs in organisations with fully deployed security automation. (2)

  9. $180 is the per record cost of personally identifiable information. (2)

  10. Organisations with more than 50% of their workforce working remotely took 58 days longer to identify and contain breaches than those with 50% or less working remotely. (2)

  11. 88% of boards now view cybersecurity as a business risk. (4)

  12. Average cost of a data breach divided into 4 categories: (2)
    1. Lost Business Cost - 38% - $1.59m
    2. Detection & Escalation - 29% - $1.24m
    3. Post Breach Response - 27% - $1.14m
    4. Notification - 6% - $0.27m

  13. Worldwide public cloud end-user spending is to grow by 23% in 2021. (5)


  14. Over 30% of incidents take months or years to discover. (1)

  15. From April 2020 to July 2021, the frequency and complexity of ransomware attacks increased (by more than 150% in 2020), and ransomware became one of the greatest threats that organisations face today, regardless of the sector to which they belong. (3)

  16. The top 5 highest average total cost of attack vectors: (2)
    1. Business email compromise (BEC) ($5.01m)
    2. Phishing ($4.65m)
    3. Malicious insiders ($4.61m)
    4. Social engineering ($4.47m)
    5. Compromised credentials ($4.37m)

  17. The overall cost of remediating a ransomware attack has vastly increased from $761,106 in 2020 to $1.85m in 2021. (3)

  18. 60% of developers are releasing code 2 times faster than before, thanks to DevOps – up 25% from (pre-pandemic) 2020. (6)

  19. In 62% of the supply chain attacks, malware was the attack technique employed. (5)

  20. The public sector saw a significant increase in data breach costs, increasing by 78.7% between 2020 and 2021. The public sector wasn’t alone in seeing cost increases; the retail, media, hospitality, and communications industries also had an increase in average data breach costs. (2)

  21. Organisations in a mature stage of zero-trust deployment had an average cost of a breach of $3.28m, $1.76m less than organisations without zero-trust implementations in place. (2)


If you have concerns around any of the areas highlighted in the above statistics, or would like to discuss any of these areas in further detail, please contact us to arrange a meeting with some of our expert team.




  1. Verizon DBIR Report 2021
  2. Cost of a Data Breach Report 2021
  3. ENISA Threat Landscape 2021
  4. Gartner Board of Directors survey
  5. Gartner Forecasts Worldwide Public Cloud End-User Spending to Grow 23% in 2021 – Press Release
  6. GitLab 2021 Global DevSecOps Survey

