8 Worrying Cybersecurity Statistics You Need to Know in 2024

We asked over 1,000 businesses about data breaches and their readiness to defend against them. Here's what we found.

The year 2023 was littered with cyber attacks, data breaches, and other online criminal activity targeting both businesses and consumers. Unfortunately, there’s no reason to believe 2024 will be any different. Now more than ever, businesses have to be on their guard to defend against the latest cybersecuruity threats.

According to Tech.co’s Impact of Technology on the Workplace report, employees are the weak point when it comes to business security, with phishing attacks and employee errors among the top causes of data breaches in 2023..

Despite these worrying trends, the report found that the vast majority of businesses aren’t using key cybersecurity tools. In this article, we’ll go through the need-to-know cybersecurity statistics for 2024, including more of Tech.co’s original findings.

Want to learn even more? You download our full report for free and read it at your leisure.

The Top Cybersecurity Statistics You Should Know in 2024

  • Phishing attacks were the top reason for data breaches in 2023
  • 11% of business leaders are “unsure” if their company had a data breach during 2023 
  • 40% believe cyber-threats will “highly affect” their organization’s performance in 2024 
  • 59% of respondents revealed that they aren’t using a VPN
  • 66% of respondents reported not using Password Managers 
  • Almost one-fifth (19.5%) of businesses are now using AI for cybersecurity

All statistics sourced from Tech.co’s Impact of Technology on the Workplace Report 2024.

Data Breach Trends for 2024

Here, we’ll go through some of the top cybersecurity statistics that we gleaned from our survey data, specifically concerning the prevalence of data breaches.

1. Phishing attacks were the top reason for data breaches in 2023 (Tech.co, 2024)

According to the business leaders that told Tech.co their company had experienced a data breach in 2023, 23% said that a phishing attack was to blame, while 12% put it down to employee errors, such as sending information to the wrong email address. A further 22% determined the source to be a computer virus such as ransomware. 

Figures for options like this – which involve some human engagement – were significantly higher than sources such as unsecured Wi-Fi (8%) and Advanced Persistent Threats (9%). This suggests that businesses should treat training and educating staff as pivotal to their cybersecurity strategy as software is. 

sources of data breaches from tech.co annual report

2. 11% of businesses were “unsure” whether their organization had a data breach in 2023 (Tech.co, 2024)

One of the more concerning cybersecurity statistics from Tech.co’s annual report is that more than 1 in 10 business leaders (11%) were unsure if they’d suffered a data breach in 2023.

Better visibility, then, is needed for those in leadership positions. Data breach recovery and damage limitation often require an all-hands-on-deck approach, so it’s strange to see that a significant proportion of executives aren’t clued in.

3. The majority of businesses did not experience a data breach in 2023 (Tech.co, 2024)

A rare pleasant surprise from our findings is that 78% of the businesses that responded to our survey didn’t experience a data breach in 2023.

While data breaches are a common and ever-present threat to any businesses that store sensitive information about their employees, clients and customers online, if you implement the right steps to secure it, you’ll greatly reduce your risk of becoming a target.

That said, the fact that 22% of businesses did suffer a breach is plenty alarming. It means your organization’s odds of suffering a breach are nearly 1 in 4, further underlining the importance of having a robust cybersecurity strategy complete with the right tools.

4. Data breaches are more common in businesses with more than 25 employees (Tech.co, 2024)

Interestingly, when you employ your 25th employee, your chance of being affected by a data breach almost triples, while companies with more than 50 people on their payroll are even more likely to be compromised by cybercriminals.

tech.co data breach graphic

Cybersecurity Impact on Company Performance

5. Cybersecurity threats could “highly affect” company performance in 2024 (Tech.co, 2024)

40% of business leaders think cybersecurity threats will “highly affect” their organization’s performance this year. This was higher than the percentage of businesses that said 5G (36%) and remote collaboration technology (38%) would “highly affect” their business.

Additionally, almost a third (28%) of the respondents we spoke to said it would moderately impact their business operations in 2024, while only 13% thought the impact would be “very low”.

VPNs and Password Managers

Along with some questions about data breaches, we also asked businesses that participated in our survey some questions about the cybersecurity tools they’re using. According to IBM, the cost of an average data breach in 2023 was $4.45 million, so it’s paramount that companies of all sizes invest in the cybersecurity software needed to secure their networks. 

6. The majority of respondents don’t use VPNs or Password Managers (Tech.co, 2024)

Did you think all businesses were using secure VPNs? Well, think again – 59% of respondents to our 2024 Impact of Technology on the Workplace survey said they don’t use a VPN

This is particularly concerning when read alongside the fact that 15% of the data breaches respondents told us about originated from unsecured Wi-Fi networks (8%) or supposedly encrypted data being intercepted (7%) – two risks VPNs help to mitigate thanks to their ultra-secure serves and IP-masking capabilities. 

Similarly, almost two-thirds (66%) of respondents said they weren’t using password managers. This may indicate that a passwordless society – one where passkeys rule supreme – might be ushered in quicker than we think. 

7. Almost a fifth of businesses are using AI for cybersecurity (Tech.co, 2024)

Could password managers and VPNs simply be too old school? While user rates among our cohort of survey respondents were surprisingly low, 19.5% said they were using artificial intelligence as part of their cybersecurity strategy.

Cybersecurity was a more popular use case for AI than financial and legal analysis, both of which were discussed widely in 2023 in the context of roles most at risk of being subsumed by artificial intelligence.

Data Breach Response

8. More than a quarter of business leaders don’t feel confident in their company’s ability to defend and respond to data breaches (Tech.co, 2024)

More than one in ten senior leadership professionals we spoke to aren’t confident in their organization’s ability to defend and respond to a data breach (11%), while a further %15 said they were “not sure” whether their company could withstand a cyberattack of this kind.

That’s a concerning total of 26% of businesses with significant work to do to get themselves up to speed in the new year.

percentage of businesses that feel they can defend and respond to a cyber attack

How to Prevent Cyberattacks

While brushing up on cybersecurity statistics can stir one to attention, preventing cyberattacks rests in two lines of action: firstly, ensuring you have installed the right cybersecurity software, and secondly, ensuring your staff team is given sufficient cybersecurity training so that they can recognize malicious correspondence such as phishing emails and understand the reasons why specific measures and processes have to be followed.

For example, no business should be operating online without a firewall, and for many, a business VPN like NordLayer will be one of the best ways to ensure remote access to your company resources is watertight. Antivirus software with ransomware protection included should also be a top consideration for businesses.

But that’ll all be for nothing if employees at your business can’t recognize a suspicious-looking phishing email, and hand authentication credentials over to a hacker. And, if they’re re-using that username and password across their work apps, there’s no telling how much access that could open up an intrusion – basic passwords are notoriously easy to crack.

So, along with investing in reliable cybersecurity software, extensive cybersecurity training, as well as the stringent enforcement of company cybersecurity policy, is just as crucial to keeping your business safe. Keeping up with the latest cybersecurity news and product updates is also strongly advised.

Did you find this article helpful? Click on one of the following buttons
We're so happy you liked! Get more delivered to your inbox just like it.

We're sorry this article didn't help you today – we welcome feedback, so if there's any way you feel we could improve our content, please email us at contact@tech.co

Written by:
Aaron Drapkin is a Lead Writer at Tech.co. He has been researching and writing about technology, politics, and society in print and online publications since graduating with a Philosophy degree from the University of Bristol five years ago. As a writer, Aaron takes a special interest in VPNs, cybersecurity, and project management software. He has been quoted in the Daily Mirror, Daily Express, The Daily Mail, Computer Weekly, Cybernews, and the Silicon Republic speaking on various privacy and cybersecurity issues, and has articles published in Wired, Vice, Metro, ProPrivacy, The Week, and Politics.co.uk covering a wide range of topics.
Explore More See all news
Back to top
close Step up your business video conferencing with GoToMeeting, our top rated conferencing app – try it free for 14 days Try GoToMeeting Free