Within the top three targeted industries, assets those industries use to conduct business also make them vulnerable. Those platforms include e-commerce platforms which made up 54 percent of assets targeted in the breach investigations and point-of-sale systems, which were a target in 33 percent of the breach investigations.
Read MoreThe anatomy of an Android smartphone cyberattack
Despite the increase in cyberattacks, Trustwave measured positive progress by companies and organizations in the time it takes them to detect a breach. The mean average time across investigations was 134 days, down from 210 days in 2012. The median average for detection was even better, at 87 days.
Those details are important because progress for detecting a breach is key to containing the damage, McCullen said. That kind of efficiency allows firms to more quickly mitigate risk and quarantine part of the computers and network devices in the environment that have been compromised, with the goal of preventing larger amounts of data from being exfiltrated or extracted from a network.
Increases in IT security budgets also help, along with raising awareness of the risks of cyberattacks all the way up to the board level and sometimes the two go hand-in-hand.
"It's really a focus and a funding issue that IT directors have to face these days. The key is to bring awareness so you can go out and get funding and focus because cybercrime can dramatically impact not only your customer relationships but financially, your bottom line," McCullen said.
—By CNBC's Sabrina Korber.