2025 Cybersecurity Almanac: 100 Facts, Figures, Predictions And Statistics

11 Dec 2025 Cybersecurity Almanac: 100 Info, Figures, Predictions And Statistics

The previous, current, and way forward for cybercrime. Dropped at you by Evolution Fairness Companions

– Steve Morgan, Editor-In-Chief

Sausalito, Calif. – Dec. 11, 2025

If it had been measured as a rustic, then cybercrime — which is predicted to inflict damages totaling $10.5 trillion USD globally in 2025, in keeping with Cybersecurity Ventures — could be the world’s third-largest economic system after the U.S. and China, surpassing the wealth of whole nations.

Cybersecurity Ventures is worked up to launch this particular fifth annual version of the Cybersecurity Almanac, a handbook containing probably the most pertinent statistics and data for understanding cybercrime and the cybersecurity market.

We’ve one thing for everybody, together with college students, mother and father, academia, authorities, legislation enforcement, small-to-midsized companies, Fortune 500 and World 2000 firms, IT staff, cybersecurity consultants, chief safety officers, the boardroom, and C-suite executives.

The most recent version of the Cybersecurity Almanac supplies an enlightening journey into noteworthy safety incidents and the hackers behind them, in addition to a complete overview of crucial historic dates, insightful statistical info, the cyberdefense panorama, cybersecurity funding developments, and extra.

CYBERCRIME DAMAGE

Cybersecurity Ventures expects world cybercrime prices to develop by 15 % per yr over the following two years, reaching $10.5 trillion USD globally this yr and $12 trillion USD yearly by 2031, up from $3 trillion USD in 2015. This represents the biggest switch of financial wealth in historical past, dangers the incentives for innovation and funding, is exponentially bigger than the injury inflicted from pure disasters in a yr, and can be extra worthwhile than the worldwide commerce of all main unlawful medicine mixed.
The common world prices of an information breach, in keeping with an IBM report, dropped to $4.44 million USD—down 9 % from the yr prior. The catalyst is quicker breach containment pushed by AI-powered defenses. Organizations had been in a position to determine and comprise a breach inside a imply time of 241 days, the bottom it’s been in 9 years. But this progress comes with a caveat: the very velocity of AI and automation deployment that’s serving to organizations defend higher can also be creating new dangers. The 2025 price continues to be up from $3.86 million USD in 2020.
Following three years of intensive analysis, a global group of researchers have compiled the primary ever ‘World Cybercrime Index’, which identifies the globe’s key cybercrime hotspots by rating probably the most vital sources of cybercrime at a nationwide stage. The Index, printed in Apr. 2024, exhibits {that a} comparatively small variety of international locations home the best cybercriminal menace. Russia tops the listing, adopted by Ukraine, China, the U.S., Nigeria, and Romania. The U.Ok. is available in at quantity eight.
Reporting practices regarding unlawful cyber exercise have improved, however in 2025, we’re nonetheless confronted with a scenario the place Cybersecurity Ventures predicts that lower than 25 % of cybercrimes dedicated globally are reported to legislation enforcement, up from lower than one in seven cybercrimes that had been reported in 2018, in keeping with the U.S. Division of Justice.
“Throughout the nation we’re seeing more and more subtle cybercrime being performed by people who find themselves youthful and youthful and youthful,” mentioned William McKeen, a supervisory particular agent with the FBI’s Cyber Division, at a safety convention in San Francisco final yr. “It’s terrifying.” He mentioned the typical age of anybody arrested for a criminal offense within the U.S. is 37, whereas the typical age of somebody arrested for cybercrime is nineteen.

WHAT’S AT RISK

Cybersecurity Ventures estimates that round half of all cyberattacks globally strike small companies, and it’s been reported in numerous media shops over the previous decade that 60 % of small firms exit of enterprise inside six months of falling sufferer to an information breach or cyberattack.
A survey performed in Oct. 2025 for Mastercard by the Harris Ballot of 13,077 adults throughout 13 international locations revealed that youthful persons are extra more likely to fall for on-line fraud, that folks would really feel too ashamed to report the crime, and, maybe most worryingly, that almost 60 % say that fraud is so pervasive that being scammed is just inevitable. Seven of 10 respondents mentioned that it’s tougher to safe their info on digital platforms than it’s to safe their very own dwelling.
Roughly a million extra folks be part of the web day by day. There have been round 6 billion folks related to the web interacting with information in 2022, up from 5 billion in 2020 — and we predict there can be greater than 7.5 billion web customers in 2030. If road crime grows in relation to inhabitants progress, so will cybercrime.
Complete world information storage is projected to exceed 200 zettabytes by 2025. This consists of information saved on non-public and public IT infrastructures, on utility infrastructures, on non-public and public cloud information facilities, on private computing gadgets — PCs, laptops, tablets, and smartphones — and on IoT (Web-of-Issues) gadgets. Cybersecurity Ventures predicts that the complete quantity of knowledge saved within the cloud — which incorporates public clouds operated by distributors and social media firms (assume Apple, Fb, Google, Microsoft, X, and so forth.), government-owned clouds which are accessible to residents and companies, non-public clouds owned by mid-to-large-sized firms, and cloud storage suppliers — will attain 100 zettabytes by 2025, or 50 % of the world’s information at the moment, up from roughly 25 % saved within the cloud in 2015.

RANSOMWARE

The worldwide price of ransomware was predicted to succeed in $20 billion USD in 2021, up from $325 million USD in 2015. Cybersecurity Ventures expects ransomware injury prices to exceed $265 billion USD yearly by 2031.
Cybersecurity Ventures predicted {that a} enterprise fell sufferer to a ransomware assault each 11 seconds in 2021, up from each 14 seconds in 2019. The frequency of ransomware assaults on governments, companies, shoppers, and gadgets will proceed to rise over the following seven years and hit each two seconds by 2031.
CNA Monetary made the largest ransomware payout on document. The Chicago-based firm paid $40 million USD to the Phoenix cybercriminal group, believed to return from Russia.
Verizon’s 2025 Knowledge Breach Investigation Report (DBIR) discovered that 44 % of all breaches analyzed confirmed ransomware was current, marking a notable rise from final yr’s report. Ransomware can also be disproportionally affecting small organizations. In bigger organizations, Ransomware is a part of 39 % of breaches, whereas SMBs skilled Ransomware-related breaches to the tune of 88 % total.
Ransomware complaints to the FBI’s Web Crime Criticism Middle (IC3) elevated 9 % yr over yr with 3,156 being posted in 2024 up from 2,825 and was referred to as probably the most pervasive menace to crucial infrastructure. For the yr, the highest 5 most lively ransomware teams had been Akira, LockBit, RansomHub, FOG, and PLAY, the report famous.

CRYPTOCRIME

Cryptocrime, together with exit scams, rug pulls, and theft is predicted to price the world $30 billion USD in 2025, Cybersecurity Ventures predicts, rising at a fee of round 15 % yearly. That is greater than twice the record-setting (on the time) $14 billion USD misplaced in 2021, in keeping with a report from blockchain analysis agency Chainalysis.
Main media shops globally reported on Feb. 21, 2025 {that a} $1.5 billion (USD) hack of the Bybit cryptocurrency trade was a record-setting cyberattack. The assault has been linked to North Korea’s Lazarus group, a state-sponsored hacking collective. Previous to that, the largest cryptocurrency hack to this point was performed in Mar. 2022 and focused the community that helps the favored Axie Infinity blockchain gaming platform. Hackers breached the Ronin Community and made off with round $625 million value of Ethereum and the USDC stablecoin. U.S. officers mentioned that the Lazarus Group was linked to the theft.
Maybe no entity higher illustrates the professionalization of the cryptocrime ecosystem than the on-line market Huione Assure, in keeping with the Chainalysis 2025 Crypto Crime Report. Huione and all distributors working on their platform have processed greater than $70 billion in crypto transactions since 2021. This platform has offered infrastructure which facilitates the sale of rip-off know-how and processed on-chain transactions for pig butchering and different fraud and scams, addresses reported as stolen funds, sanctioned entities such because the Russian trade Garantex, fraud outlets, baby sexual abuse materials, and Chinese language-language playing websites and casinos, amongst others.
A minimum of $28 billion tied to illicit exercise has flowed into crypto exchanges over the past two years, in keeping with an examination by the Worldwide Consortium of Investigative Journalists, The New York Instances and 36 different information organizations around the globe. The cash got here from hackers, thieves and extortionists. These teams have moved cash onto the world’s largest exchanges, that are on-line marketplaces the place folks can convert U.S. {dollars} or euros into Bitcoin, Ether and different digital cash.
In Jan. 2024, hackers stole round $112 million of the Ripple-focused cryptocurrency XRP from a crypto pockets, Ripple’s co-founder and govt chairman had disclosed. Ripple’s Chris Larsen mentioned on the time that the stolen crypto was his, which might make it one of many largest hacks on a person. He wrote on X that “there was unauthorized entry to a couple of my private XRP accounts (not Ripple) — we had been shortly in a position to catch the issue and notify exchanges to freeze the affected addresses. Regulation enforcement is already concerned.”

RECENT MAJOR HACKS

In Might 2023, a ransomware gang referred to as Clop started abusing a zero-day exploit of Progress Software program’s MOVEit Switch enterprise file switch software. Clop’s widespread assault noticed it steal information from authorities, public, and enterprise organizations worldwide, together with New York Metropolis’s public faculty system, a UK-based HR options and payroll firm with shoppers together with British Airways and BBC, and others. Greater than 2,600 organizations and 77 million folks had been impacted by the MOVEit hack as of Nov. 2023.
In Oct. 2023, MGM Resorts Worldwide mentioned {that a} cyberattack in Sep. 2023 disrupted its operations and would trigger a $100 million hit to its third-quarter outcomes, because it labored to revive its programs. One of many world’s largest playing corporations, MGM shut down its programs after detecting the assault to comprise injury. The scenario grew to become so dire that federal authorities and the White Home grew to become concerned within the restoration effort.
In Dec. 2023, genetic testing firm 23andMe introduced that hackers accessed the private information of 0.1 % of shoppers, or about 14,000 people. The corporate additionally mentioned that by accessing these accounts, hackers had been additionally in a position to entry “a major variety of recordsdata containing profile details about different customers’ ancestry.” However 23andMe wouldn’t say what number of “different customers” had been impacted by the breach that the corporate initially disclosed in early Oct. 2023. Because it seems, there have been a number of “different customers” who had been victims of this information breach: 6.9 million affected people in complete.
Change Healthcare, a subsidiary of healthcare big UnitedHealth was hit by an enormous cyberattack in Feb. 2024. For a number of weeks, healthcare workers in practices throughout the U.S. weren’t in a position to obtain funds from sufferers. CBS Information referred to as it the “greatest ever cybersecurity assault on the American healthcare system”. UnitedHealth’s Apr. 2024 earnings report famous that $872 million had been spent on “unfavourable cyberattacks results,” and the company’s CEO later confirmed that a further $22 million ransom was paid to the hacker group. The corporate expects the cyberattack to price $1.6 billion this yr.
A cyberattack on U.S. pharmaceutical options firm Cencora in Feb. 2024 led to almost a dozen pharma corporations that associate with Cencora to reveal information breaches. Notifications printed by the California Lawyer Normal’s workplace from these firms indicated that the Cencora incident was the catalyst for his or her breaches. The businesses are Bayer, Novartis, Regeneron, AbbVie, Incyte, Genentech, Sumitomo Pharma America, GlaxoSmithKline, Acadia, Endo, and Dendreon. This underscores the interconnected nature of knowledge safety throughout the pharmaceutical business and highlights the ripple impact a single cyberattack can have on a number of organizations.
In Mar. 2024, a number of French state companies had been focused by a denial-of-service (DDoS) assault, that Prime Minister Gabriel Attal’s workplace described as a breach of “unprecedented depth”. Throughout nearly a whole day, over 300 net domains and 177,000 IP addresses related to the federal government had been impacted, together with extreme disruptions to main public service web sites.

Roku mentioned hackers gained unauthorized entry to 576,000 accounts, the corporate’s second data-breach incident this yr, prompting the streaming-hardware maker to institute extra safety measures for customers. In an Apr. 2024 weblog submit, Roku mentioned the hackers possible gained entry to the accounts through the use of usernames and passwords from different websites the place clients could have used the identical login credentials. Any such automated cyberattack is named credential stuffing. San Jose, Calif.-based Roku has a consumer base of 80 million.
Main London hospitals needed to cancel operations and blood transfusions after being hit by a cyberattack that led to them declaring it a “crucial incident” in Jun. 2024. Seven hospitals suffered critical disruption to their companies on account of a ransomware assault focusing on a personal firm that analyses blood assessments for them. Greater than 800 deliberate operations and 700 outpatient appointments had been rearranged within the first week after the assault. The cyber assualt additionally prompted an pressing name for blood donations.
In Jun. 2024, as many as 165 clients of cloud storage supplier Snowflake have been compromised by a bunch that obtained login credentials via information-stealing malware, researchers from Mandiant, a Google-owned safety agency mentioned. Dwell Nation confirmed that information from its TicketMaster group saved on Snowflake had been stolen following a posting providing the sale of the total names, addresses, cellphone numbers, and partial bank card numbers for 560 million Ticketmaster clients. Mandiant mentioned that each one the compromises it has tracked to this point had been the results of login credentials for Snowflake accounts being stolen by infostealer malware and saved in huge logs, generally for years at a time.
Roughly 15,000 automotive dealerships throughout the U.S. and Canada went days in Jun. 2024 with out software program programs essential to working their enterprise, following a number of cyberattacks on CDK World. The corporate is one in all only a handful of seller administration system suppliers that underpin auto retailers’ capability to entry buyer data, schedule appointments, deal with car-repair orders and full transactions, amongst different duties. CDK has confirmed that it’s been the topic of a cyber-ransom occasion, and Bloomberg reported that the corporate was planning to pay the tens of thousands and thousands of {dollars} that the group behind the hacks had demanded with a view to restore service.
A Dec. 2024 information breach involving PowerSchool affected an estimated 62 million college students and 10 million lecturers. The cloud-based software program resolution supplies instruments for enrollment, communication, attendance, workers administration, studying programs, analytics, and finance at greater than 6,000 Ok-12 faculties and districts throughout the USA and Canada. The breach has left mother and father and educators grappling with considerations over privateness and information safety, exposing delicate info that hackers are trying to use on the darkish net. 
In 2025, a infamous predominantly English-speaking hacking group launched an internet site to extort its victims, threatening to launch about a billion data stolen from firms who retailer their clients’ information in cloud databases hosted by Salesforce. The ShinyHunters gang allegedly hacked dozens of high-profile firms by breaking into their cloud-based databases hosted by Salesforce. Insurance coverage big Allianz Life, Google, vogue conglomerate Kering, the airline Qantas, carmaking big Stellantis, credit score bureau TransUnion, and the worker administration platform Workday, amongst a number of others, have confirmed their information was stolen in these mass hacks.The hackers’ leak website lists a number of alleged victims, together with FedEx, Hulu (owned by Disney), and Toyota Motors.
Google mentioned in Oct. 2025 that there have been more likely to be greater than 100 firms affected by an bold hacking marketing campaign that focused Oracle’s suite of enterprise merchandise, an early evaluation that would portend wide-ranging injury. Google, mentioned in a press release that “mass quantities of buyer information” had been stolen in an operation it mentioned could have begun as early as three months in the past. As of Dec. 2025, the variety of firms and damages reported are nonetheless being tallied.

BIGGEST HACKS EVER

In 2020, state-backed hackers exploited a ubiquitous SolarWinds software program product with a view to spy on authorities and enterprise networks around the globe, together with within the U.S., U.Ok., Israel and Canada. The cyber spies lurked in electronic mail companies, and posed as reputable staffers to faucet confidential info saved within the cloud. The bombshell revelations despatched 18,000 uncovered SolarWinds clients scrambling to evaluate whether or not outsiders did certainly enter their programs, what the injury was and the way to repair it.The sprawling operation focused among the US authorities’s most delicate information.
World meat provider JBS was hit by an enormous assault in the course of the 2021 Memorial Day weekend. This was one of many greatest hacks in historical past to have an effect on a participant in meals manufacturing. This ransomware assault introduced its beef and pork slaughterhouses in North America and Australia to a standstill. The corporate obliged the attackers’ demand and paid an $11 million USD ransom to renew its operations.
In Might 2017, an enormous ransomware assault referred to as WannaCry unfold to over 200,000 pc programs throughout 150 international locations. The assault encrypted recordsdata on contaminated programs and demanded ransom funds in Bitcoin to decrypt them. Complete monetary losses from the WannaCry assault had been estimated to exceed $4 billion.
In Jun. 2017, organisations around the globe had been hit by one other harmful ransomware assault referred to as NotPetya. It’s thought of one of the crucial damaging cyber assaults to this point, inflicting over $10 billion in damages. Main multinational firms had been severely impacted, together with delivery firm Maersk, pharmaceutical big Merck, and the French building firm Saint-Gobain. The assault additionally crippled pc programs throughout Ukraine the place it’s believed to have originated.
The credit score reporting company Equifax introduced in Sep. 2017 that the private info of over 145 million People had been uncovered in an enormous information breach. The attackers exploited a safety flaw to realize entry to Equifax programs and stole delicate buyer info together with Social Safety numbers, birthdates, addresses, and a few driver’s license numbers.
In Nov. 2014, a hacker group calling itself the “Guardians of Peace” carried out a devastating cyber assault in opposition to Sony Photos in retaliation for the deliberate launch of the comedy movie The Interview. The hackers stole and launched over 100 terabytes of confidential information together with upcoming movie scripts, worker salaries, monetary data, and 1000’s of personal emails. In addition they wiped over half of Sony Photos’ world community.
In what is taken into account the most important information breach in historical past, all 3 billion Yahoo consumer accounts had been compromised by a 2013 breach that went undetected for 3 years. The attackers, believed to be state-sponsored hackers from Russia, stole names, electronic mail addresses, cellphone numbers, birthdates, and encrypted passwords from Yahoo’s consumer database. A separate 2014 intrusion additionally allowed hackers to realize the account keys wanted to entry the non-public info of over 500 million accounts.
The 2013 Cryptlocker malware attacked upwards of 250,000 machines by encrypting their recordsdata. It displayed a pink ransom notice with a fee window accompanied. The virus’ creators used a worm referred to as the Gameover Zeus botnet to make and ship copies of the CryptoLocker virus. Though CryptoLocker itself was simply eliminated, the affected recordsdata remained encrypted in a approach which researchers thought of unfeasible to interrupt. Many mentioned that the ransom shouldn’t be paid, however didn’t provide any method to get better recordsdata; others mentioned that paying the ransom was the one method to get better recordsdata that had not been backed up. Some victims claimed that paying the ransom didn’t all the time result in the recordsdata being decrypted.
The Stuxnet worm, uncovered in 2010, was a complicated cyber weapon used to goal and injury Iran’s nuclear enrichment services. Stuxnet briefly crippled Iran’s capability to develop nuclear materials and triggered about one-fifth of centrifuges to be destroyed. The virus is extensively attributed as a joint effort by U.S. and Israeli intelligence businesses.
The bank card fee processor Heartland Fee Programs was compromised in 2008, and an estimated 130 Million buyer accounts had been accessed, making it one of many largest bank card hacks in historical past. Albert Gonzalez and two Russian hackers positioned sniffer applications throughout the Heartland system. These sniffers intercepted bank card credentials in actual time and relayed the information again to them.He was discovered responsible in 2010 and sentenced to an unprecedented 20 years in jail.

HISTORIC VIRUSES

For pc buffs visiting Pakistan’s historic metropolis of Lahore, it appeared too good a discount to go up. A store referred to as Mind Laptop Companies was promoting brand-name pc applications, akin to Lotus 1-2-3 and WordStar, for as little as $1.50 every, in keeping with TIME. From early 1986 to late 1987, scores of People — most of them college students and backpackers — snapped up cut-rate disks to be used on their computer systems again dwelling. Hidden in practically each disk was an additional program not provided by any producer: a snippet of pc code many thought of to be the world’s most subtle pc virus. Each time an unsuspecting consumer lent his new disk to a good friend or colleague, and each time the disk was run on a machine shared by different customers, the code unfold from one pc to a different. The so-called Mind virus had discovered its approach onto not less than 100,000 floppy disks, generally with data-destroying affect. In every case the illicit program left behind a calling card for these savvy sufficient to search out it: a message that started with the phrases WELCOME TO THE DUNGEON, and was signed by brothers Amjad Farooq Alvi, 26, and Basit Farooq Alvi, 19, the house owners of Mind Laptop Companies.
At round 8:30pm EST on Nov. 2, 1988, a trojan horse developed by 23-year-old Robert Morris was unleashed on the Web from a pc on the Massachusetts Institute of Expertise (MIT), in keeping with the FBI. The Morris Worm was quickly propagating at outstanding velocity and grinding computer systems to a halt. Inside 24 hours, an estimated 6,000 of the roughly 60,000 computer systems that had been then related to the Web had been hit. The rogue program had contaminated programs at various the celebrated faculties and private and non-private analysis facilities that made up the early nationwide digital community. This was a yr earlier than the invention of the World Huge Net. The Morris Worm impressed a brand new era of hackers and a wave of Web-driven assaults that proceed to plague our digital programs to this present day.
Neel Mehta of Google’s safety group privately reported Heartbleed to the OpenSSL group on Apr. 1, 2014. Codenomicon found it independently at roughly the identical time, and reported HeartBleed on Apr. 3, 2014. On the time of disclosure, some 17 % (round half 1,000,000) of the Web’s safe net servers licensed by trusted authorities had been believed to be susceptible to the assault, permitting theft of the servers’ non-public keys and customers’ session cookies and passwords. Journalists deemed the Heartbleed bug “catastrophic”.
The Zeus pc virus is a web based theft software that hit the net in 2007. A whitepaper by Unisys three years later estimated that it was behind 44 % of all banking malware assaults. By then, it had breached 88 % of all Fortune 500 firms, 2,500 organizations complete, and 76,000 computer systems in 196 international locations.The Zeus botnet was a bunch of applications that labored collectively to take over machines for a distant “bot grasp.” It originated in Japanese Europe and was used to switch cash to secret financial institution accounts. Greater than 100 members of the crime ring behind the virus, largely within the U.S., had been arrested in 2010.
The worst pc virus outbreak in historical past, in keeping with HP, Mydoom triggered estimated injury of $38 billion in 2004. Also called Novarg, this malware is technically a “worm,” unfold by mass emailing. At one level, the Mydoom virus was answerable for 25 % of all emails despatched. Although a $250,000 reward was provided, the developer of this harmful pc worm was by no means caught. Mydoom scraped addresses from contaminated machines, then despatched copies of itself to these addresses. It additionally roped these contaminated machines into an online of computer systems referred to as a botnet that carried out distributed denial of service (DDoS) assaults. These assaults had been meant to close down a goal web site or server.
The Sobig Worm was a pc worm that contaminated thousands and thousands of Web-connected, Microsoft Home windows computer systems in Aug. 2003. As of 2018, Sobig is the second quickest pc worm to have ever entered the wild, being surpassed solely by Mydoom. Sobig was not solely a pc worm within the sense that it replicates by itself, but additionally a Computer virus in that it masquerades as one thing aside from malware.
20 years in the past, the web got here as near a complete meltdown as we’ve seen since its commercialization within the Nineteen Nineties. A UDP community worm payload of simply 376 bytes, focusing on UDP vacation spot port 1434, aggressively propagated to all susceptible, internet-connected Microsoft SQL Server hosts worldwide inside a matter of minutes. Popularly referred to as the SQL Slammer (although the title Sapphire was urged throughout the educational neighborhood, it didn’t catch on) worm, it contaminated round 75,000 susceptible servers worldwide. The numerous disruption it triggered made worldwide information. It was sufficient to carry many networks to a screeching halt, and disrupted retail bank card point-of-sale programs and ATMs worldwide
With practically $20 billion in estimated damages, The Klez Worm contaminated about 7.2 % of all computer systems in 2001, or 7 million PCs. Klez despatched pretend emails, spoofed acknowledged senders and, amongst different issues, tried to deactivate different viruses. As with different viruses and worms, Klez was launched in a number of variants. It contaminated recordsdata, copied itself, and unfold all through every sufferer’s community. It hung round for years, with every model extra harmful than the final.
Code Crimson was a pc worm noticed on the Web on Jul. 15, 2001. It attacked computer systems working Microsoft’s IIS net server. It was the primary large-scale, mixed-threat assault to efficiently goal enterprise networks. The Code Crimson pc virus was one more worm that penetrated 975,000 hosts. It displayed the phrases “Hacked by Chinese language!” throughout contaminated net pages, and it ran fully in every machine’s reminiscence. Generally it left no hint in onerous drives or different storage. Monetary prices are pegged at $2.4 billion. The virus attacked web sites of contaminated computer systems and delivered a distributed denial of service (DDoS) assault on the U.S. White Home’s web site.
ILOVEYOU, generally known as the Love Bug or Loveletter, was a pc worm that contaminated over ten million Home windows private computer systems on and after Might 5, 2000. It began spreading as an electronic mail message with the topic line “ILOVEYOU” and the attachment “LOVE-LETTER-FOR-YOU.TXT.vbs.” Onel de Guzman, a then-24-year-old pc science scholar at AMA Laptop School and resident of Manila, Philippines, created the malware.

ARTIFICIAL INTELLIGENCE (AI)

The mixing of AI into cybersecurity merchandise is revolutionizing how organizations defend their programs and information, in keeping with McKinsey. Greater than 90 % of AI capabilities in cybersecurity are anticipated to return from third-party suppliers, making it simpler for firms to undertake cutting-edge options as they improve their present safety stack. 
In 2015, Carnegie Mellon College researchers demonstrated that giant language fashions (LLMs) can autonomously plan and perform subtle cyberattacks with out human intervention. The analysis, performed in partnership with synthetic intelligence agency Anthropic, confirmed that AI might replicate the 2017 cyberattack on Equifax by autonomously exploiting vulnerabilities, putting in malware and stealing information.The Equifax breach compromised roughly 147 million clients’ information, making it one of many largest information breaches in U.S. historical past. 
Cybersecurity consultants have warned for months that totally autonomous cyberattacks — wherein AI brokers execute a whole operation with minimal human enter — had been 12 to 18 months away. That timeline simply shrank. Anthropic mentioned Claude automated 80–90 % of the newest Chinese language espionage marketing campaign. In response, main cybersecurity distributors are going all-in on AI, constructing programs that each automate primary defenses (i.e., detecting phishing emails and shutting down suspicious scripts earlier than they execute) and assist them anticipate the place adversaries’ fashions may strike subsequent.
In Apr. 2024, Google, an early AI safety mover, introduced a main Gmail AI safety replace for its three billion customers. The outcomes: 20 % extra spam is blocked in Gmail utilizing giant language fashions (LLMs); 1,000 % extra user-reported Gmail spam is reviewed every day; 90 % sooner response time coping with new spam and phishing assaults in Google Drive.
Gartner predicts that by 2026, enterprises that mix GenAI with an built-in platforms-based structure in safety conduct and tradition applications (SBCP) will expertise 40 % fewer employee-driven safety incidents. 
In keeping with Deloitte, potential fraud losses for monetary companies establishments within the U.S. alone might attain $40 billion USD by 2027, highlighting why monetary companies are racing to strengthen their defenses. The response has been decisive: 91 % of U.S. banks presently use AI for fraud detection, whereas 83 % of anti-fraud professionals deliberate to include GenAI into their programs by 2025.
Phishing assaults over the previous yr elevated by 1,265 %, attributed to progress of generative AI instruments, and the variety of reported AI-enabled cyber assaults rose 47 % globally in 2025. Within the Cisco 2025 Cybersecurity Readiness Index: 86 % of enterprise leaders with cyber tasks reported not less than one AI-related incident over the previous 12 months.

CYBERSECURITY MARKET

Cybersecurity Ventures predicts that world spending on cybersecurity services will hit $522 billion yearly (USD) in 2026, up from $260 billion in 2021.This consists of all international locations globally, B2B and B2C, plus a portion of any markets which are converged with cybersecurity akin to quantum safety, bodily safety and surveillance, authorities info safety and navy cyber protection know-how (all nations), area cyber protection, and likewise counts in cyberinsurance insurance policies.
AI is increasing a $2 trillion complete addressable market (TAM) for cybersecurity suppliers, in keeping with a 2024/2025 examine by McKinsey, a world administration consulting agency and trusted advisor to main companies, governments, and establishments.
Right now, practically 15 % of (company) cybersecurity spending comes from outdoors the chief info safety workplace (CISO), and non-CISO cyber spending is anticipated to develop at a 24 % CAGR over the following three years, in keeping with the McKinsey examine, which fits on to state that this has modified from a decade in the past, when nearly all cybersecurity spending got here from the CISO group.
The U.S. and Western Europe will account for greater than 70 % of worldwide safety spending in 2025, in keeping with the newest forecast from the “Worldwide Safety Spending Information”, printed by IDC. Nonetheless, all geographic areas had been anticipated to see constant progress in safety spending in 2025, with the very best will increase in Latin America, Central and Japanese Europe, and the Center East and Africa.

AI is reshaping practically each business – and cybersecurity isn’t any exception. One analysis report estimates that the worldwide marketplace for AI-based cybersecurity merchandise was about $15 billion in 2021 and can surge to roughly $135 billion by 2030.
A major quantity of company, authorities, and small-to-midsized (STM) spending in our area has gone to Microsoft, who in fiscal 2025 generated round $37 billion in cybersecurity income, representing about 14 % of its complete income, in keeping with Investing.com, and its safety enterprise can attain $50 billion by 2030 if it grows at a mid-teens CAGR.
World spending on safety consciousness coaching for workers (beforehand one of the crucial underspent cybersecurity funds objects) is predicted to exceed $10 billion USD by 2027, in keeping with Cybersecurity Ventures, up from round $5.6 billion USD in 2023.
In keeping with Gartner, worldwide safety companies income exceeded $77 billion in 2024, and Large 4 consulting big Deloitte had the most important market share with 16.6 %. That places Deloitte’s annual safety companies revenues at greater than $12.7 billion. Deloitte has a military of greater than 40,000 safety companies professionals.
The U.S. spends greater than $25 billion on cybersecurity yearly to defend federal programs in opposition to rising threats from hackers, ransomware teams and state- sponsored actors, in keeping with Palo Alto Networks. Deltek estimates the federal cybersecurity market at $18.8 billion in 2026, rising to $20.7 billion in 2028. The U.S. has the most important cybersecurity funds out of all nations for safeguarding its authorities in opposition to cyber threats.

CYBERINSURANCE

The primary cyberinsurance product within the U.S. emerged in 1996/1997 when AIG launched its Web Safety Legal responsibility (ISL) product. The ISL normal plan coated authorized prices and settlement charges if buyer bank cards had been stolen from insured firms’ servers and the bank card firm failed to guard them.
Cybersecurity Ventures predicts the cyberinsurance market will develop to $14.8 billion USD in 2025 and can exceed $34 billion USD by 2031, based mostly on a compound annual progress fee (CAGR) of 15 % calculated over an 11-year interval (2020 to 2031).
One of many world’s largest cyber insurance coverage corporations is reportedly pulling again from the market. That firm, Beazley, is coping with rising claims and falling costs, at the same time as opponents double down on insurance policies overlaying ransomware calls for and different cyberattacks, the Monetary Instances (FT) reported in Nov. 2025. (Nov. 30). The corporate just lately reported that cyber gross written premiums, a measure of top-line income, fell 8 % within the 9 months to Sept. 30 to $848 million. Whereas Beazley has diminished its publicity, Chubb and AIG, two of its greatest rivals within the U.S. market, have maintained or grown their books, the report added. These diverging methods underline volatility within the nascent sector.
Attackers are leveraging AI to automate and scale phishing, ransomware and deepfake assaults, making threats sooner and tougher to detect. Aon analysis discovered {that a} rise in AI-driven deepfake assaults resulted in a 53 % improve in social-engineering incidents year-over-year, and social engineering and fraud claims elevated by 233 %.
Whereas cyber insurance coverage claims within the Resilience portfolio dropped by 53 % within the first half of 2025—suggesting that organizations are getting higher at stopping assaults—the monetary injury from profitable incidents has really elevated. The 2025 Midyear Cyber Danger Report reveals that when cybercriminals do break via Resilience consumer defenses, they’re hitting 17 % tougher than earlier than, with ransomware assaults now averaging over $1.18 million in damages.
When deemed cheap and needed, 44 % of Coalition cyberinsurance policyholders that skilled a ransomware incident over the previous yr opted to pay the ransom. Coalition Incident Response (CIR) was in a position to negotiate ransom funds down by a median of 60 %.
The potential in Europe is evident: 41 % of companies with over €500 million in income intend to buy cyberinsurance for the primary time within the subsequent 5 years, in keeping with Howden’s 2025 Cyberinsurance Report. For a €500 million enterprise, cyberinsurance can save roughly €16 million in attack-related prices over ten years. Meaning a 19 % return on funding – a compelling worth proposition. With charges persevering with to fall within the low-double-digit vary, present market circumstances current a extremely beneficial entry level for brand spanking new patrons in Europe.

BIG TECH

In 2021, Google introduced an funding of greater than $10 billion via 2025 in cybersecurity. The trouble will embrace serving to to safe the availability chain and strengthening open-source safety. Google additionally mentioned they’re coaching 100,000 People for important information privateness and safety jobs. They’re offering $15 million to create 15 new cybersecurity clinics at universities throughout the nation, the corporate knowledgeable in Jun. 2024. The tech big has additionally funded 2,000 college students to earn a Profession Certificates in Cybersecurity in Africa. Final yr, Google began providing a Cybersecurity Skilled Certificates coaching program for anybody, together with these with no background in coding or pc science. This system, created by cybersecurity consultants at Google, is designed to offer folks with job-ready expertise in beneath 6 months to jumpstart their profession.
IBM has dedicated to offering 30 million folks in additional than 30 international locations throughout the Americas, Asia Pacific, Europe, Center East and Africa, with studying alternatives to plug expertise gaps within the know-how sector, cybersecurity included, by 2030. Partnerships prolong to NGOs specializing in underserved youth, ladies, and navy veterans.
In Jun. 2024, Cisco Investments, the worldwide company enterprise funding arm of Cisco, launched a $1B AI funding fund to bolster the startup ecosystem and develop the event of safe, dependable, and reliable AI options. Cisco has already dedicated practically $200M of the $1B funding fund to this point.

BOARDROOM

Cybersecurity Ventures predicts that by 2025, 35 % of Fortune 500 firms can have board members with cybersecurity expertise, and by 2031 that may climb to greater than 50 %. That is up from a Heidrick & Struggles estimate of 17 % in 2021.
Legal responsibility for cyber-physical safety incidents had been anticipated to pierce the company veil to private legal responsibility for 75 % of CEOs by 2024, in keeping with Gartner, Inc. Because of the nature of cyber-physical programs (CPSs), incidents can shortly result in bodily hurt to folks, destruction of property or environmental disasters. Gartner predicts that the monetary affect of CPS assaults leading to deadly casualties will attain over $50 billion by 2023.
Lack of board entry is the primary issue for CISO dissatisfaction, in keeping with a Sep. 2025 CSO story citing analysis that states practically 40 % of CISOs at small and mid-market organizations have minimal or no entry to full boards.
The CISO’s rise to the C-suite comes with extra engagement with the boardroom, an viewers with the CEO, and the ability to make strategic choices for the enterprise, in keeping with Splunk. 82 % of surveyed CISOs report on to the CEO in 2025, a major improve from 47 % in 2023. As well as, 83 % of CISOs take part in board conferences considerably typically or more often than not. Whereas 60 % acknowledge that board members with cybersecurity backgrounds extra closely affect safety choices, solely 29 % of CISOs say their board consists of not less than one member with cybersecurity experience.
Solely 29 % of CISOs mentioned they obtain the correct funds for cybersecurity initiatives and attaining their safety targets, in contrast with 41 % of board members who assume cybersecurity budgets are simply wonderful, in keeping with 2025 report from Oxford Economics, who surveyed 600 respondents, 500 of them CISOs, CSOs, or equal safety leaders, and 100 board members.

WOMEN IN CYBER

There’s a scarcity of girls within the cybersecurity business. A Cybersecurity Ventures report discovered that ladies accounted for 25 % of cybersecurity jobs worldwide in 2022. The group predicted that girls “will characterize 30 % of the worldwide cybersecurity workforce by 2025, and that may attain 35 % by 2031.”
Black ladies are a vastly underrepresented group in know-how and cybersecurity. The Nationwide Middle for Girls & Data Expertise (NCWIT) has said that of the 25 % of girls working in tech, simply 3 % of them are black. And solely an undetermined fraction of these ladies are in cybersecurity.
It’s extensively assumed that the majority cybercriminals are male. A report from Development Micro sheds mild on the numbers and finds that roughly 30 % of cybercriminal discussion board contributors are ladies.
In 2018, Woman Scouts of the USA (GSUSA) partnered with Palo Alto Networks so as to add cybersecurity badges to Woman Scout programming. By 2023, greater than 315,00 cybersecurity badges had been earned by Woman Scouts. 
In Mar. 2024, Cisco signed an settlement with the Karnataka authorities in India beneath which it would prepare 40,000 folks in cybersecurity expertise and consciousness. Out of that, 50 % can be ladies to assist meet the rising want for cyber expertise as organizations look to bolster defences in opposition to an evolving and complicated menace panorama.
Veeam Software program’s collaboration with Girls In Cloud, launched in Aug. 2025, to certify a million folks in AI, cloud, and cybersecurity, is designed to unlock safe digital livelihoods and propel India’s management within the world AI-powered economic system.

CHIEF INFORMATION SECURITY OFFICERS

The world’s first CISO was anointed in 1994, when monetary companies big Citigroup (then Citicorp) arrange a specialised cybersecurity workplace after struggling a collection of cyberattacks from Russian hackers.
Cybersecurity Ventures estimates there are actually not less than 32,000 CISOs employed worldwide. Zippia, established via a database of 30 million profiles and verified in opposition to Census Bureau information, estimates over 7,523 chief safety officers (an interchangeable time period with CISOs) are “presently employed” within the U.S.
In keeping with Cybersecurity Ventures, one hundred pc of Fortune 500 firms and the vast majority of World 2000 organizations make use of a CISO or an equal position in 2025, up from 70 % in 2018.
Whereas 67 % of CISOs say their cybersecurity tradition is robust, a placing 76 % consider their group is vulnerable to a cloth cyberattack within the subsequent 12 months—up from 70 % in 2024, in keeping with Proofpoint’s 2025 Voice of the CISO Report. This paradox displays a rising sentiment: breaches are more and more considered as inevitable moderately than avoidable.The rise in concern isn’t with out advantage. Two-thirds (66 %) of CISOs reported a cloth lack of delicate info up to now yr—up dramatically from 46 % in 2024. Regardless of investments in safety posture and consciousness, greater than half (58 %) of CISOs nonetheless felt unprepared for a cyberattack in 2025.
Gartner estimates that by 2025, practically half of cybersecurity leaders will change roles — and 25 % for various roles fully — as a result of stress, psychological strain, and burnout, amongst different components.
The gender hole stays a chasm once we take into account the highest roles in cybersecurity. For instance, in 2025 ladies maintain lower than 20 % of CISO roles at Fortune 500 firms, in keeping with analysis from Cybersecurity Ventures.

CYBERSECURITY JOBS

World cybersecurity job vacancies grew by 350 %, from a million openings in 2013 to three.5 million in 2021, sufficient to fill 50 NFL stadiums, in keeping with Cybersecurity Ventures.
The variety of unfilled jobs leveled off in 2022, and stays at 3.5 million (or much less) in 2025, with round a half-million of these positions within the U.S., in keeping with CyberSeek. Trade efforts to supply new expertise and sort out burnout continues, however we predict that the disparity between demand and provide will stay for not less than the following a number of years, particularly with the emergence of AI in cybersecurity.
Employment of info safety analysts is projected to develop 32 % from 2022 to 2032, a lot sooner than the typical for all occupations, in keeping with the U.S. Bureau of Labor Statistics (BLS). The median annual wage for info safety analysts was practically $125,000 as of Might 2024.
India alone was anticipated to create a million new cybersecurity jobs by 2025, in keeping with a NASSCOM estimate in 2016. The Indian cybersecurity market was projected to be near a valuation of $500 billion USD by 2030.
The cybersecurity unemployment fee for probably the most skilled positions hovers at round zero %, and can possible stay so for years to return. However these positions emake up a small share of the general variety of jobs in our business.
A number of CISOs reported incomes $5 million a yr (together with bonuses and annual fairness grants), and the median CISO acquired $532,000 in complete compensation, in keeping with a Might 2025 story in CSO. The info comes from a survey of U.S. enterprises with greater than $1 billion in annual revenues.
The median Chief Data Safety Officer wage within the U.S. in 2025 is $384,715, in keeping with Wage.com. The prime paying cities for CISOs are San Francisco, New York, and Boston.

SOME HISTORY

The world’s first nationwide information community was constructed in France in the course of the 1790s. It was a mechanical telegraph system, consisting of chains of towers, every of which had a system of movable wood arms on prime. The French telegraph system was hacked in 1834 by a pair of thieves who stole monetary market info — successfully conducting the world’s first cyberattack.
Earlier than pc hacking, there was phreaking. The “ph-” was for cellphone, and the phreaks preferred to reverse engineer the system of tones that telecommunications firms used for long-distance dialing. Recreating the tones for every quantity, at simply the best pitch, might imply making a free name moderately than working up costly prices. In 1957, Joe Engressia (Joybubbles), a blind, 7-year-old boy with excellent pitch, hears a high-pitched tone on a cellphone line and begins whistling alongside to it at a frequency of 2600Hz, enabling him to speak with cellphone traces and turn into the U.S.’s first cellphone hacker or “cellphone phreak.”
The trendy definition of the phrase “hack” was first coined at MIT in April 1955, and the primary recognized point out of pc hacking occurred in a 1963 problem of The Tech.
The first pc virus, Creeper, was named after a Scooby-Doo cartoon present character. Creeper was written in 1971 by BBN pc programmer Bob Thomas as an experiment in self-duplicating code.
The primary notable ransomware incident was brought on by the AIDS Trojan. Malicious floppy disks containing the Trojan had been handed out to roughly 20,000 attendees of the World Well being Group’s AIDS convention by “the daddy of ransomware,” Joseph Popp. Victims had been instructed to ship $189 to PC Cyborg Company at a PO field in Panama. Though, because it was easy malware, decryption instruments had been made obtainable shortly.

– Steve Morgan is founder and Editor-in-Chief at Cybersecurity Ventures.

About Evolution Fairness