Impressions on the rate of incidents based on headlines can be misleading. Because more media outlets now report on incidents doesn’t mean that the actual rate of incidents has increased over years, as Robert Lemos reports:
In April 2015, the U.S. Department of Energy responded to Freedom of Information Act (FOIA) request from USA Today by releasing information on more than 1,100 cyber-security incidents that occurred over four years.While the data was not detailed—only consisting of seven variables, two of which had been redacted—there was enough information for researchers from Stanford University to come to a surprising conclusion: The rate of security incidents decreased over time. In other words, while breaches have regularly made headlines, the DOE as a whole was seeing fewer attacks.
Read more on eWEEK. This wasn’t only the only analysis/study that supports the hypothesis that incidents have not decreased and malware-related incidents are actually decreasing. Lemos mentions some other studies in the article.