Cybersecurity Market Research. PHOTO: Cybercrime Magazine

Cybersecurity Research: All In One Place

The facts, figures, statistics, and predictions that we follow Sponsored by KnowBe4

Steve Morgan, Editor-in-Chief

Northport, N.Y. – Dec. 5, 2022

Cybersecurity Ventures formulates our own ground-up research — plus we vet, synthesize and repurpose research from the most credible sources (analysts, researchers, associations, vendors, industry experts, media publishers) — to provide our readers with a birds-eye view of cybercrime and the cybersecurity industry.

Before you dive into all of our reports, you might want to read the “Top 10 Cybersecurity Predictions and Statistics for 2023” from the editors at Cybercrime Magazine.


Reports from the editors at Cybersecurity Ventures:

  • 2022 Cybersecurity Almanac – Cybersecurity Ventures is excited to release this special second annual edition of the Cybersecurity Almanac, a handbook containing the most pertinent statistics and information for understanding cybercrime and the cybersecurity market. Learn about important dates in history, statistical information, cyberattacks, data breaches, criminals, and much more.
  • 2022 Cybercrime Report – We expect global cybercrime damage costs to grow by 15 percent per year over the next three years, reaching $10.5 trillion annually by 2025, up from $6 trillion in 2021, and $3 trillion in 2015. If it were measured as a country, then cybercrime would be the world’s third-largest economy after the U.S. and China.
  • 2022 Ransomware Report – Global ransomware damage costs are predicted to reach $265 billion by 2031, up from $20 billion in 2021. The dollar figure is based on 30 percent year-over-year growth in damage costs over the next 10 years. A ransomware attack is expected to strike a business or consumer every 2 seconds by 2031, up from every 11 seconds in 2021.
  • 2022 Cybersecurity Jobs Report – Over an eight-year period tracked by Cybersecurity Ventures, the number of unfilled cybersecurity jobs grew by 350 percent, from one million positions in 2013 to 3.5 million in 2021. For the first time in a decade, the cybersecurity skills gap is leveling off. Looking five years ahead, we predict the same number of openings in 2025.
  • 2022 Cybersecurity Market Report – The imperative to protect increasingly digitized businesses, Internet of Things (IoT) devices, and consumers from cybercrime will propel global spending on cybersecurity products and services to $1.75 trillion cumulatively for the five-year period from 2021 to 2025, according to Cybersecurity Ventures.

  • 2022 Cyberinsurance Report – Cybersecurity Ventures predicts the cyberinsurance market will grow from approximately $8.5 billion in 2021 to $14.8 billion in 2025, and exceed $34 billion by 2031, based on a CAGR (compound annual growth rate) of 15 percent over an 11-year period (2020 to 2031) calculated.
  • 2022 Cryptocrime Report – Rapid growth in the use of decentralized finance (DeFi) services is creating a new soft spot for global financial systems, fostering new methods of cryptocrime for cybercriminals whose “rug pulls” and other attacks will, Cybersecurity Ventures predicts, cost the world $30 billion in 2025 alone.
  • 2022 Women In Cybersecurity Report – Women hold 25 percent of cybersecurity jobs globally in 2022, up from 20 percent in 2019, and around 10 percent in 2013. We predict that women will represent 30 percent of the global cybersecurity workforce by 2025, and that will reach 35 percent by 2031.
  • 2022 Security Awareness Training Report – Cybersecurity Ventures predicts the overall market for security awareness training products and services will be worth $10 billion annually by 2027. In late 2014, Garnter estimated the overall security awareness training market (including CBT) to be $1 billion.
  • 2022 Boardroom Cybersecurity Report – The SEC recently proposed new rules that would require U.S. public company boardroom disclosure of corporate directors with cybersecurity expertise. Cybersecurity Ventures predicts by 2025, 35 percent of Fortune 500 companies will have board members with cybersecurity experience, and by 2031 that will climb to 50 percent.


More statistics from Cybersecurity Ventures:

  • The world will store 200 zettabytes of data by 2025. This includes data stored on private and public IT infrastructures, on utility infrastructures, on private and public cloud data centers, on personal computing devices — PCs, laptops, tablets, and smartphones — and on IoT (Internet-of-Things) devices.
  • We predict the world will need to secure 338 billion lines of new software code in 2025, up from 111 billion lines of new code in 2017, based on 15 percent year-over-year growth in new code.
  • More than 300 billion passwords were used by humans and machines worldwide in 2021.
  • The world’s first CISO was anointed in 1994, when financial services giant Citigroup (then Citicorp) set up a specialized cybersecurity office after suffering a series of cyberattacks from Russian hackers.
  • 100 percent of Fortune 500 companies employ a CISO or equivalent in 2022, up from 70 percent in 2018.

  • Women filled 17 percent of Fortune 500 CISO positions in 2022 (85 out of 500 companies) according to a study we conducted.
  • CISOs are job-hopping faster than most. We recently found that 24 percent of Fortune 500 CEOs have been working in their roles for just one year, on average.
  • We predict the global healthcare cybersecurity market will grow by 15 percent year-over-year over the next five years, and reach $125 billion cumulatively over a five-year period from 2020 to 2025.
  • Roughly one million more people join the internet every day. We expect there will be 6 billion people connected to the internet interacting with data in 2022, up from 5 billion in 2020 — and more than 7.5 billion internet users in 2030. If street crime grows in relation to population growth, so will cybercrime.
  • More than half of all cyberattacks are committed against small-to-midsized businesses (SMBs), and 60 percent of them go out of business within six months of falling victim to a data breach or hack.

Contact us for information about our cybersecurity and cybercrime facts, figures, statistics, and predictions – and to learn about opportunities to sponsor or co-publish reports with us.

Steve Morgan is founder and Editor-in-Chief at Cybersecurity Ventures.

Go here to read all of my blogs and articles covering cybersecurity. Go here to send me story tips, feedback and suggestions.

Sponsored by KnowBe4

KnowBe4 is the provider of the world’s largest security awareness training and simulated phishing platform that helps you manage the ongoing problem of social engineering. We help you address the human element of security by raising awareness about ransomware, CEO fraud and other social engineering tactics through a new-school approach to awareness training on security. Tens of thousands of organizations like yours rely on us to mobilize your end users as your last line of defense.