Stats & Trends
Brianna Gammons
Jan 2017

6 Must-Know Cybersecurity Statistics for 2017 | Barkly Blog

Cybersecurity has become more of a concern for businesses throughout 2016. See the numbers behind the threats that companies faced in the past year.

How has security changed in 2016? To help you develop your strategy for 2017, we’ve compiled a list of 2016’s most telling statistics in cybersecurity, covering new malware, ransomware, phishing, and attacks due to accidental insiders. Learn what security threats businesses faced in 2016 and how other companies are making changes after experiencing new security attacks and threats.

Once you’re done, check out our Endpoint Security Buyer’s Guide for resources to evaluate your current protection and help with decisions for your 2017 security stack.

What security threats did companies face in 2016?

Growth of New Malware

In Q3 2016 alone, 18 million new malware samples were captured.

Panda Labs

That’s an average of 200,000 per day. And that’s only the malware samples detected by one company. Malware continues to grow and evolve to bypass your antivirus and other levels of protection, which makes it hard for your IT team, your vendors, and your company to keep up.

Ransomware on the Rise

More than 4,000 ransomware attacks have occurred every day since the beginning of 2016.

That's a 300% increase over 2015, where 1,000 ransomware attacks were seen per day.

Computer Crime and Intellectual Property Section (CCIPS)

On average, 4,000 ransomware attacks occurred per day in 2016 according to a report from the FBI in June 2016. Diving deeper, ransomware attacks on businesses have become more frequent as well. Between January and September 2016, ransomware attacks on business increased from once every 2 minutes to once every 40 seconds according to Kaspersky.

Looking for more ransomware statistics to evaluate your risk and see where you could be vulnerable? See the list of statistics we compiled based on ransomware in 2016.

Ransomware and Phishing Work Together

The amount of phishing emails containing a form of ransomware grew to 97.25% during Q3 2016, up from 92% in Q1 2016

PhishMe 2016 Q3 Malware Review

Phishing emails have continued to grow as an attack vector for ransomware. The statistic reported by PhishMe earlier this year was shocking, with 92% of phishing emails they collected containing ransomware in the first quarter of 2016. But their findings from Q3 2016 pushed the number even further to 97.25%.

Phishing and Overconfident Users

78% of people claim to be aware of the risks of unknown links in emails. And yet they click anyway.

Benenson-phishing-study-BlackHat.png Friedrich-Alexander University (FAU)

Dr. Zinaida Benenson conducted a two studies about mock phishing attacks and the results were surprising. Her studies, conducted at Friedrich-Alexander University (FAU) of Erlangen-Nuremberg, Germany and presented at Black Hat USA 2016, revealed that users are even more vulnerable to phishing attacks than we thought.

78 percent of participants stated in a questionnaire that they were aware of the risks of unknown links. In the first group tested with a mock phishing email, 20% of people said they clicked the link in the email but 45% actually clicked. In the second group tested, 16% of people said they clicked the link in the email but 25% actually clicked.

In both cases, a higher percentage of users actually clicked than the percentage who admitted that they clicked. The top reason people said that they clicked? See examples of the emails that were sent in this Business Insider article about the experiment. For more phishing statistics, visit

How are companies making changes based on new cybersecurity attacks and threats?

Making Changes After an Attack

52% of organizations that suffered successful cyber attacks in 2016 aren't making any changes to their security in 2017

security-planning-for-cyber-attack-victims.png Barkly, December 2016, Security Confidence Headed Into 2017

According to our survey about Security Confidence Headed into 2017, over half of organizations hit by a cyber attack are hesitating to make a change. Why? It may seem like a no brainer to bolster protection after an attack, but a lack of additional budget or a decrease in budget makes a change in protection a harder sell.

Budgeting After an Attack

Of organizations who suffered an attack in 2016, 45% expect budget to stay the same and 7% expect budget to decrease.

2017-security-budget-forecast.png Barkly, December 2016, Security Confidence Headed Into 2017

According to our survey about Security Confidence Headed into 2017, 38% of respondents who suffered attacks expect their security budget to increase in 2017 but 52% expect budget to decrease or stay the same.

How will your cybersecurity change in 2017?

Not sure how to adjust your security for 2017? Check out our Endpoint Security Buyer’s Guide for checklists and more that make choosing the right solution simple. Get the information you need to make the right buying decision — and also defend it.

Brianna Gammons

Brianna Gammons

Brianna is helping us grow an active community of security beginners and experts alike. She is exploring topics like security in healthcare and how to keep companies safe from ransomware.


2017 Cybersecurity Checklist

Are you focusing on the right things to protect your company against the latest threats? Find out now.

Get my checklist


Stay informed!

Get the latest security news, tips, and trends straight to your inbox.

Stay informed!

Get the latest security news, tips, and trends stright to your inbox.