The last two years have seen SASE becoming the mainstream security framework with businesses across all sectors either in the implementation stage of adoption or planning an adoption strategy. And FINALLY, (from our perspective) the realisation that there is no SASE without SD-WAN is also being accepted across the board from IT providers and Consultants to within the Channel. But is the rest of the world truly ready to take on SASE? It seems so with Forbes Technology Council stating that “2023 will the year SASE really takes off”, in an article published on 20 January 2023, Yet there is still a whopping 69% of tech professionals (mostly those the Channel and IT experts will be selling to) could not accurately define SASE as of November 2022. So, before we deep dive into the reasons for needing SASE security – namely the enormous YoY growth of cyber attacks and threats – let’s firstly define what SASE and SSE is.
Here in this blog, we provide a plethora of SASE and cyber-crime stats predicted for 2023, from ransomware to DDOS and phishing attacks. The cyber-attack threat in 2023 is larger than ever before and is driving SASE adoption rates globally, The global SASE market size in 2023 is valued at $4874.75 million in 2023 with a CAGR of 17.44% and is expected to reach $ $12789.45 million by 2027. We’ve defined geographical areas for our cyber-security facts and stats files below, covering the UK, EU and ASIA, to match our main areas of operations, and have further in-depth discoveries in our annual Trends Report in our thought leadership are of our website. So, read on a see why 2023 will see SASE really take of.
Let’s start first with the enormous factor driving SASE adoption – CYBER-CRIME. In fact, the very same issue that is driving our own SASE innovation, as our R&D lab and tech team continually adapt, innovate and reinvent the SASE framework and amalgamate every one of our 6 world first innovations into one all singing and dancing product – SASE SELECT.
Buckle up, dear reader, and prepare for a bumpy ride – the cyber-crime stats are completely shocking, starting with the fact that the UK has the highest number of cyber-crime victims per million on the internet, with 4,783 per million being a victim of cyber-crime in November 2022 alone. So, what else has been happening this month (the month I author this blog).
Cyber-Crime Statistics & Predictions for 2023 in the UK
Our fact file below lists the latest figures for cyber-crime and cyber-attacks stats in the United Kingdom for 2023. Predictions are based on the fact that YoY since 2020 cyber-attacks globally is growing at a rate of 15%, some types of cyber-crime is growing at 35% YoY!
£5.02 MILLION GBP average cost of a data breach across all business sectors for 2023
£543.03 MILLION GBP ransomware attacks reported globally in 2023
£115,000 GBP the average rise in Cyber-crime costs every six months in 2023
£66,785 GBP is the average cost of investment fraud per victim at the end of 2023
4th place – UK’s place in the global cybercrime rankings as of November 2023
85% of UK companies suffered more than one successful breach via phishing in 23
63.2% the rise in companies suffering multiple attacks since 2020 to 2023
1744% increase in number of victims per hour in last 20 years
£4.4 BILLION GBP cost to victims of online crime in 2023
£216.5 BILLION GBP annual cost of ransomware by 2031
£155,239 THOUSAND GBP per second in global cyber-crime costs
£1.22 TRILLION in income for cyber-criminals in 2023
53% of all cyber-crime involves stealing money
In the EU the cyber-threat landscape is similarly gloomy, but SASE adoption across continental Europe is having a positive affect. First, let’s see what what technology and cyber-security experts predict will happen in 2023 as far as cyber-attacks go.
EVERY 2 seconds there will be a ransomware attack by 2031 (according to an EU commissioned report)
€ 9.2 TRILLION Euros – the cost of cyber-crime by 2025
30% growth YoY in ransomware attacks YoY to 2031 says the same report
50% of cyber-threats in the EU are targeted at: public administration and governments 24%, digital service providers 13% to the general public 12%
60% of EU-based companies have been the subject of Ransomware attacks
2023: There will be THREE TIMES the number of IoT devices in Europe than the entire EU population
Number of cyber-attacks and the associated costs across various EU / continental European countries as France, Germany, The Netherlands, Spain and Belgium:
52% of companies in France experienced a cyber-attack in 2022
59% the expected amount of businesses in France to experience a cyber-attack in 2023
46% of companies in Germany experienced a cyber-attack in 2022
53% the expected amount of businesses in Germany to experience a cyber-attack in 2023
57% of companies in the Netherlands experienced a cyber-attack in 2022
65.5% the expected amount of businesses in the Netherlands to experience a cyber-attack in 2023
51% of companies in Spain experienced a cyber-attack in 2022
58.6% the expected amount of businesses in Spain to experience a cyber-attack in 2023
43% of companies in Belgium experienced a cyber-attack in 2022
50% the expected amount of businesses in Belgium to experience a cyber-attack in 2023
Asia is also seeing increased cyber-threat, from ransomware to DDOS attacks, phishing to malware. However, there is an interesting conflict in figures, for example.
According a recent Surfshark report attacks in Asia were dropping….
77% reported DROP in cyber-attacks in Malaysia
81% reported DROP in cyber-attacks in Japan
77% reported DROP in cyber-attacks in South Korea
However, there are HUGE spikes reported just in late January 2023 in other Asian nations, for example.
436% increase in all types of cyber-attack Vietnam
239% increase in all types of cyber-attack Philippines
1368% increase in all types of cyber-attack Indonesia
2,045 weekly attacks per Asian-based organisation or business (however we can assume geo-targeting as per above applies).
36% increase in Asian cyber-attacks predicted for 2023
60 terabytes was the average amount of voter data information in just one attack during the Philippine elections according The Commission on Elections (COMELEC)
SME/SMB – how small and medium sized businesses are faring under huge global attacks in comparison to the corporate or enterprise-sized businesses.
It could be said that SME’s and small businesses are not coping well with the cyber-threats. Couple that with the exponential growth in attacks again a predicted growth for 2023, along with supply chain attack (stats further along in the blog), and it’s easy to see how SMEs could be unwittingly involved in an attack aimed at a larger target.
84% of SMEs say they need to take decisive action on cyber-security
90% of SMEs increasing cyber-security budgets in financial year 2023
102% of SMEs seeking ongoing support from managed service providers for cyber-security in 2023
79% of SMEs believe a cyber-attack would put them entirely out of business
35% is the amount of SME’s that have cyber insurance
60% of SMEs would not last 6 months after a cyber-attacks
£20.5 THOUSAND GBP average cost of a cyber-attack to an SME
46% of cyber-attacks hit businesses with less than 1,000 employees
61% of SMEs targeted by cyber-criminals in 2021
70% of SMEs targeted by cyber-criminals in 2022
80.5% of SMEs targeted by cyber-criminals in 2023
$170.5 USD average ransomware payment paid by an SME in 2022 in the USA
Corporations are able to withstand an attack more robustly than an SME, however they can be more profitable than a small business:
£24.6 MILLION GBP average costs per cyber-attack per
£4.4 to 7.7 MILLION GBP per cyber-attacker per enterprise-sized business
£1.9 MILLION GBP difference in costs of cyber-attack between compliant and non-compliant businesses
$1.85 MILLION average cost of ransomware attack for corporations or enterprises in the USA
Supply Chain is One of the Vulnerable Areas That Cyber-Attackers Are Targeting
The supply chain is one of the weakest links and is enabling cyber-criminals to breach the entire partner eco-system. For Channel, however, it represents an opportunity to solve issues and eradicate threats for multiple customers.
22% of all global losses occur from the breach of a supply chain partner
30 days the number of extra days it takes to identify a supply chain breach
77% of cyber-security incidents involved a 3rd party and this figure continues to increase
19.5% of organisations say a data breach was caused by providing too much access to third parties
How Do Businesses Expect to Be Attacked?
It should be said their time might be better spent working on how NOT to be attacked! But anyway, these figures below show that across all industries there is an accepted knowledge of the varying types of attacks and therefore where the weaknesses lie:
87% data theft
66% ransomware attacks
60% supply chain attacks
60% DDoS attacks
59% APT (advanced persistent threat) and perhaps the most astonishing stat:
90% of data breaches are due to human interaction, either as a result of malicious intent, or via stolen credentials, phishing, misuse or simple errors by staff members. But let’s go into a little more detail on ransomware, DDOS and phishing attacks for 2023:
Ransomware cyber-threat 2023:
EVERY 14 seconds ransomware attack takes place increasing to every 9 seconds in 2023
$17 MILION USD in recovery cost in just ONE attack on the City of Atlanta
$125 BILLION to be spent by the healthcare industry between 2020 to 2025
$2.2 MILLION every month damages in formjacking
4,800 websites attacked by jacking attack every month – stealing personal data & credit card details
98% of ransomware attacks paid in crypto currencies
$30 BILLION USD annually in crypto-crime annually to 2025
Phishing cyber-attack predictions 2023:
$5.6 MILLION USD in data breach costs from phishing attacks predicted in 2023
90% of successful cyber-attacks start with exploiting human-nature via phishing
80% of reported cyber-crime in the TECH SECTOR began via phishing
24% of all phishing aimed at divert employee payroll deposits
28.7% of all data breaches will be via phishing according to FBI stats
Denial of Service attacks:
$50,000 USD average cost of enterprise sized businesses for DDoS attacks inc lost time
69% of businesses experience 20 to 50 DDoS attacks every month
79.3% of businesses will be attacked in 2023
300% increase in DDoS attacks in the manufacturing sector in latter half of 2022
345% increase in manufacturing attacks expected for 2023
2317% increase in DDoS attacks [late 2022] at telecommunications businesses
43% of ALL DDoS attacks in 2022 hit the USA according to Kaspersky
46 MILLION per SECOND – Google repels this many layer 7 DDoS attacks every second!
DDoS-as-a-service websites being shut down daily, but still hackers-for-hire simply move on a set up digital shop under new names and domains
704.8 MILLION packets per second is the current record for a DDoS attack
What is even more insidious is the appalling rise of cyber-crime against children and the vulnerable. One average ‘business targeted cyber-crime’ and ‘straightforward’ yet nefarious money-making attacks rise at around 15% YoY, but online child exploitation is rising at more THAN DOUBLE that, at 35% YoY.
54% of UK adults [recently 18 years old] report that they were inappropriately sexually targeted as a child using the Internet. This figure rises to as much as 74% in some nations. So, as much a business and our bank accounts need to be protected, an entire generation is being affected by cyber-crime in the most detrimental and dangerous manner.
2023 will see private and public organisations, from international law enforcement agencies to children’s’ charities and tech vendors, MSP and ISPs come together to counter this appalling threat to our collective children.
SASE Adoption across all business sectors 2022
2022 has been a boom year for SASE adoption. The figures below show that the framework has truly gone mainstream and that the Channel will be facing huge growth in demand for SASE frameworks and requirements to partner with MSPs and SIs, as per the trends stated in this very blog!
94% of respondents say their adoption of SASE solutions has accelerated this year
59.8% driven by Cloud security, including visibility and control into cloud environments
50.6% driven by innovation, including cloud application migration and artificial intelligence
47% driven by security strategy, including implementing Zero Trust (ZTNA)
$15 BILLION USD – the SASE market size will exceed this figure by 2026
100% year on year increase on SASE implementation through to 2025
98% believe convergence of network and security is critical or very important and this is an emerging mega-trend for 2023
There will be much written and talked about around consolidation of technology. Seen not only as a cost-saving exercise it will also reduce complexity – two other mega-trends for 2023 with Gartner saying 75% of customers are pursuing security vendor consolidation compared with just a fraction of that last year. Other sources state that 65% of businesses expect to improve overall cyber-risk internally, with only 29% expecting to reduce spend on licences in 2023.
64% of businesses have already adopted SASE or will in next 2 years
65% of IT consultancies have not yet sold SASE yet – this is surely a marker of the size of the potential SASE market for IT consultancies, the Channel and IT resellers.
Couple this with 2023’s last mega-trends, that of outsourcing and using and MSP for everything from customer retention to upskilling your own workforce, cutting costs to expanding specific expertise, even the UK government’s GCHQ and National Cyber Security Centre recommends businesses use an MSP for the security provision and management. READ MORE ON 2023’S MEGA-TRENDS here.
So, after this bleak scenario, what can we do for you?
We have a unique product that will keep you both connected and protected – SASE SELECT.
We work to ensure that all businesses, no matter what their size is, get what they exactly need, and no less, in terms of network, cybersecurity, hardware or business requirements (like keeping their data in their country). No company should compromise on what they need, or be constrained by the options they’re offered. Just because their ISP’s don’t have the capabilities to provide fully suitable and affordable solutions in time that doesn’t mean that MSP’s like us have the same restrictions. With SASE SELECT, we can integrate (and even modify) components and products from best-in-breed vendors to make sure that the solution proposed does what the customer needs it to do and that is flexible enough to change or grow as the business requirements do
There are two types of companies, those who have been attacked and those who will be attacked. All breaches are preventable. Come and talk to us, we’re here to help.
Have an informal chat with us in our metaverse office or email us to see how we can help your business.