Build or upgrade your ISMS on our platform

10 Of The Most Shocking 2015 Information Security Facts

Information security has had a tough few weeks.

Following this, I thought it might be worth sharing 10 stomach-churning facts about information security.

1. $38.5 billion

The estimated cost of the worst computer virus in history. The aptly named MyDoom virus first surfaced in January 2004 and is still, to this day, the fastest spreading email worm ever.1

2. 110 million

The number of people in the USA alone whose personal information was exposed last year. That’s roughly half the adult population of the United States.2

3. 98%

The amount of tested web applications which are currently vulnerable to attack.3

4. 10%

The minority of large organisations who did not experience a data breach in 2015.4

5. 69%

Attacks from an unauthorised outsider hit 69% of large businesses so far this year. It would seem breaches are becoming more malicious in nature as this figure rose 14% from 2014.

6. 3/4

Breaches which were the direct result of human error. In fact, half of the worst information security failures were due to staff mistakes – human error continues to plague information security.

7. 33%

Large organisations who are unsure of who is responsible for ensuring data is protected.

8. 7%

Small businesses who plan to increase their information security spending next year. Despite increases in attacks, this figure has dropped from the 2014 figure of 42%.

9. 32%

Those businesses who felt they did not need any security risk assessment. Almost unsurprisingly, over 1/4 of organisations had not evaluated the effectiveness of their information security in 2015.

10. Double

The scale and size of information breaches have increased dramatically this year. In response, 11% of businesses have been forced to change the nature of their business as a direct result of their single worst breach.

These statistics suggest a worrying trend. Despite the upward trend of information breaches, the majority of businesses are not responding accordingly. Prioritising information security is long overdue: businesses need to evaluate and put systems in place which manage the information they handle.

If you’d like to know how implementing, maintaining and improving your information security management is made easy and cost effective with contact us at to arrange an online demo.

1From the results of an independent survey by Ponemon Institute

2Trustwave’s 2015 Global Security Report – link to full report, page 90 for Web Application Security

3 Taken from 2015 Information Security Breaches Survey – link to full report