2023 Cybersecurity Spotlight: 10 of the Year's Must-Know Stats

Learn the biggest cybersecurity statistics of 2023—from the rise of gen AI to the staggering losses caused by BEC. Stay informed and protect your organization.
December 7, 2023

Staying informed about the latest cybersecurity trends and statistics can go a long way toward reducing your organization's vulnerability to attacks. Like Francis Bacon said: knowledge is power.

As we bid farewell to 2023, it’s the perfect time to take a look back at a few of the biggest shifts and developments we saw in the cybersecurity landscape over the past 12 months. From the staggering losses caused by business email compromise to the rising prominence of generative AI in cyberattacks, these statistics shed light on the challenges organizations face in protecting their data and systems.

1. Business Email Compromise Caused $2.7 Billion in Losses

According to the FBI IC3’s 2022 Internet Crime Report, $2.7 billion was lost to business email compromise (BEC) last year, representing a year-over-year increase of 14.5%. This is a high mark for an already troubling trend. Over the past 10 years, the FBI estimates that BEC has caused $51 billion in exposed losses.

2. Median Amount Stolen in BEC Attacks Exceeded $50,000

It’s concerning enough that the number of BEC attacks has doubled since 2020. Perhaps even more alarming is that the median amount stolen in BEC attacks is more than $50,000. Further, organizations with 50,000 or more employees have a nearly 100% chance of receiving at least one BEC attempt each week.

3. 48% of Organizations Received VEC Attack in First Half of 2023

Nearly half (48%) of organizations received a vendor email compromise (VEC) attack in the first six months of 2023. Also known as supply chain compromise, these attacks originate with an attack on a vendor or supplier and, on average, cost 11.8% more and take 12.8% longer to identify than other breach types.

4. 85% of Security Professionals Attribute Rising Attack Numbers to Generative AI

Encouraging new use cases for generative AI emerge all the time. But there’s a dark side to this revolutionary technology, too. Security professionals have seen an uptick in cyberattacks over the past year, with 85% of respondents attributing the rise to bad actors using generative AI.

5. Identifying and Containing a Data Breach Takes Average of 277 Days

After an attacker successfully infiltrates an enterprise, it takes the organization 277 days on average to identify and contain the data breach. One of the unfortunate reasons for this extended dwell time is that many organizations cannot or do not detect these incursions on their own.

6. Workforce Gap in Cybersecurity Industry Hits 4 Million

The cybersecurity workforce shortage has reached 4 million, according to ISC2. Optimistically, this indicates that there are plenty of opportunities for job seekers in the cybersecurity industry. Unfortunately, this also implies that organizations lack the robust security teams necessary to keep themselves protected from cyberattacks.

7. 66% of Organizations Implemented AI-Enabled Email Security Solutions

Two-thirds (66%) of organizations have implemented an AI-enabled email security solution over and above the protections offered in Microsoft 365 or Google Workspace. This is a step in the right direction as organizations recognize the evolving threats of sophisticated social engineering scams, BEC attacks, and AI-powered cyberattacks.

8. 94% of Cybersecurity Stakeholders Expect AI to Significantly Impact Strategy Within 2 Years

While only two-thirds of organizations have already implemented AI-enabled email security solutions, the vast majority of security leaders recognize the need to integrate the technology into their existing infrastructure. A near-ubiquitous 94% of cybersecurity stakeholders believe AI will have a major impact on their security strategy within the next two years.

9. 84% of Organizations Want AI-Enabled Email Security to Protect Other Communications Apps

Today’s workforces leverage various communication channels beyond email, including Slack and Zoom. These channels are also targeted by threat actors, which is why 84% of organizations want their AI-enabled email security to protect other communication apps. In fact, 89% of organizations report that protecting SaaS applications is a top five IT priority over the next 12 to 24 months.

10. Investing in AI Cybersecurity Saves Average of $1.75M

The average cost of a data breach is $4.45 million—a price tag that by itself is enough to motivate investment in advanced AI cybersecurity solutions. But on top of that, organizations using security AI and automation had, on average, nearly $1.8 million lower data breach costs than those without these technologies.

Preparing for 2024

The cybersecurity landscape in 2023 has been marked by significant challenges and evolving threats. The malicious use of generative AI has fueled the surge in cyberattacks, demanding a proactive approach. Forward-thinking organizations are responding to these novel cyberattacks by implementing AI-native email security solutions, resulting in cost savings and improved threat detection.

By arming your organization with knowledge and innovation, you can successfully navigate the ever-changing landscape and protect your workforce now and into the future.

Interested in learning more about how Abnormal can help your organization protect more, spend less, and secure the future? Schedule a demo today.

Schedule a Demo
2023 Cybersecurity Spotlight: 10 of the Year's Must-Know Stats

See Abnormal in Action

Get a Demo

Get the Latest Email Security Insights

Subscribe to our newsletter to receive updates on the latest attacks and new trends in the email threat landscape.

Get AI Protection for Your Human Interactions

Protect your organization from socially-engineered email attacks that target human behavior.
Request a Demo
Request a Demo

Related Posts

B Sans Recap 7 11 24
Discover trends among modern SOC teams, including misaligned budgets, increased automation, unsatisfactory AI tools, staffing issues, and more.
Read More
B State and Local Government Attack Trends
Advanced attacks targeting state and local governments are increasing. Discover what our research revealed about this alarming trend.
Read More
B Examining Employee Engagement with Email Attacks
Cybercriminals know that humans are your enterprise's biggest vulnerability and are successfully engaging with your employees at an alarming rate.
Read More
Explore how Abnormal’s AI Security Mailbox enhances cybersecurity by engaging and educating employees with personalized GenAI responses. Improve security awareness and streamline operations.
Read More
B Q2 2024 Attacks
In the second installment of our quarterly look-back at malicious emails, we examine 5 more recent noteworthy attacks detected and stopped by Abnormal.
Read More