39% of organizations experience phishing attacks.

99% of organizations have an incident response plan.

91% of people support national laws regulating personal data use.

29% of midmarket organizations say SME tools no longer meet their needs.

41% of respondents report using AI pentesting, and it appears in the top five most-adopted tools for fintech, manufacturing, and retail.

The education sector continued to be the most targeted industry in February, facing an average of 4,749 cyber attacks per organization per week, a 7% increase year over year.

The government sector ranked as the second most targeted industry in February, with organizations experiencing 2,714 weekly attacks on average, reflecting a 2% year‑over‑year increase.

Enterprise workforces are three times more likely to be targeted with phishing attacks than with infostealer malware.

38% of people use fake or dummy data when possible, up from 33%.

44% of U.S.-based cybersecurity leaders say their role feels emotionally exhausting more often than rewarding.

38% of subscribers are likely to switch providers if they feel unprotected from AI scams.

Funds Transfer Fraud was the second-most common cyber event, accounting for 27% of claims.

53.77% of organizations show at least one critical vulnerability detected (patch management failure).

95% of in-browser attacks detected by Push used some form of bot protection service.

64% of midmarket security leaders feel their posture scaled appropriately with growth.

2% of cybersecurity intrusions investigated involved vulnerability exploitation.

Currently, 25% of senior corporate security leaders say third-party risk management is largely run with agentic AI; this rises to 50% in two years.

Passwords containing 'chiefs' or 'kansas city chiefs' appear 5 million times in exposed credentials.

85% of organizations support mandatory breach disclosure.

78% of security leaders say AI has made ransomware attacks more effective.