34% of organizations partner externally for AI threat detection.

36% of organizations with a SOC believe they have a strong ability to detect whether AI tools are introducing new, less visible forms of data leakage.

48% of enterprises' cyberattacks involve phishing or social engineering.

66% of CPS incidents include the compromise of human-machine interfaces (HMI) or supervisory control and data acquisition (SCADA) systems that control industrial processes.

Manufacturing experienced an average attack size of 11.6 Gbps, the largest across all industries.

Government’s share of total attacks increased from 5% to 12% year-over-year, with an average attack size of 5.5 Gbps.

50% of organizations cite workflow integration as the biggest barrier to deploying AI in the SOC.

11% of insider incidents exceed $2 million in remediation costs.

57% of organizations report success using AI for alert triage and risk scoring, while 26% report success automating incident response.

Organizations receive an average of 4,330 security alerts daily, but only 37% are detected and investigated.

For 25% of organizations, manual triage requires 214 hours per week, equivalent to 5.3 full-time employees.

60% of employees use AI daily or more, and 35% use AI multiple times a day.

50% of employees have granted AI access to work-related applications.

79% of organizations are notified of a threat by external third parties such as researchers, customers, or attackers before their own internal detection.

E-commerce and retail accounted for roughly 20% of agentic browser traffic.

Real estate accounted for 17% of agentic browser traffic in early 2026.

Travel and tourism accounted for 15% of agentic browser traffic in early 2026.

94% of organizations view cybersecurity as a primary business risk.

59% of organizations are increasing spending on cloud and third-party security.

80% of organizations increased cybersecurity budgets in 2026.