Ransomware victims by industry: Commercial facilities (997), manufacturing (846), information technology (818), healthcare & public health (473), financial services (340), education (266), transportation &logistics (263), government facilities & public sector (253), food & agriculture (181), hospitality (146), energy (144), communications (99), retail (9), entertainment (1), legal (1).

33.33% of respondents reported using two versions of CentOS despite all stable versions now years into end of life.

5.56% of respondents reported using all three versions of CentOS despite all stable versions now years into end of life.

47.8% of surveyed enterprise open source users said their organization experienced a cybersecurity incident in the past 12 months.

Open source using organizations with 1,001–10,000 employees were more than twice as likely to report an incident compared to those with fewer than 100 employees.

Among the open-source users whose organizations reported a cybersecurity incident, 61.4% indicated that the incident occurred when a patch was available but had not been applied – a slight increase from 60.4% last year.

Among respondents who identified at least one affected technology, vulnerabilities tied to reported open source incidents were distributed across infrastructure and middleware (51.9%), software development frameworks and libraries (50.0%), and databases and data technologies (48.1%).

When open source using organizations were asked if they took steps to improve its patch and vulnerability management processes in the last 12 months, 68.8% said they increased automation.

When open source using organizations were asked if they took steps to improve its patch and vulnerability management processes in the last 12 months, 44.8% said they conducted security training.

The most impacted industries by ransomware in LATAM were retail, wholesale and distribution; agriculture and food and beverage production; and health care providers and services.

When open source using organizations were asked if they took steps to improve its patch and vulnerability management processes in the last 12 months, 23.0% said they increased IT security staff.

When open source using organizations were asked if they took steps to improve its patch and vulnerability management processes in the last 12 months, 18.4% said they adopted AI/machine learning.

48.5% of surveyed organizations said there was no change in the last 12 months in the time required for patching a critical or high-priority Linux vulnerability once it was detected.

On-chain analysis indicates that spikes in IAB inflows typically precede increases in ransomware payments and victim leaks by roughly 30 days.

For of open-source users on enterprise teams, the greatest enemy of security is the uptime mandate.

Roughly two-thirds (65.7%) of businesses spend 10 hours or less per month on Linux maintenance.

At least 43% of enterprises that use open-source technology report a mechanism in place to monitor whether those technologies are active, in maintenance, or EOL (7.5%do not track; 4.2% are unsure).

Organizations relying on public project documentation are most strongly represented among those discovering EOL during regular dependency reviews (57.1%).

Organizations in the 1,001–5,000 employee band are the most reactive, with 69.1% discovering EOL status only after something breaks or a vendor notifies them.

Teams that surface EOL through dependency reviews (74.3%) or security scanning (69.7%) most often choose upgrades, suggesting planned remediation is more feasible when signals arrive earlier.