35% of internal audit functions report extensive use of AI in reporting and 34% report occasional use.

In 2025, 17% of 67,058 published vulnerabilities (11,053 vulnerabilities) were API-related.

Ransomware attacks against industrial organizations increased 64% year-over-year.

Many organizations run 50 or more security products.

Identity weaknesses play a material role in nearly 90% of investigated incidents.

Attackers leverage third-party SaaS applications in 23% of incidents.

Misconfigurations or gaps in security coverage materially enable attacks in over 90% of incidents.

59% of security leaders report having experienced or strongly suspect an AI-related security incident.

Organizations with comprehensive OT visibility detect and contain OT ransomware incidents in an average of 5 days, compared to the industry-wide average of 42 days.

KAMACITE conducted sustained reconnaissance of U.S. industrial devices from March through July 2025.

69% of security leaders agree identity management must fundamentally change to support AI safely.

The technology sector represented 45% of all network-layer DDoS attacks, up from 8.77% in 2024.

Vulnerability exploitation accounted for 41.8% of observed application-layer attacks, rising to nearly 58% in Q4 2025.

Europe accounted for 48.4% of all claimed hacktivist attacks, compared with the Middle East (17.7%) and Asia (17.5%).

Israel received 12.2% of claimed hactivist attacks, the United States 9.4%, and Ukraine 8.9% of claimed attacks.

Government services are the primary target in 38.8% of all claimed hactivism attacks.

The hacktivist group NoName057 (16) claimed 4,693 attacks, the highest number claimed by a single hacktivist entity.

Scattered Spider accounted for 42.9% of all actor-related alerts in the second half of 2025.

62% of security professionals are blind to shadow or undocumented APIs.

73% of SCA users lack visibility into whether flagged vulnerabilities are exploitable in production.