67% of organizations rely on static credentials for AI systems.

34% of incidents in the Automotive and Smart Mobility focus on business and operational disruption.

67% of CISOs report limited visibility into how AI is used across their environment.

75% of CISOs report their enterprises rely on extending controls originally designed for other attack surfaces to cover AI-driven workflows and infrastructure.

11% of enterprise CISOs have security tools specifically designed to protect AI systems.

27% of internal audit leaders view AI-enabled fraud as a high risk.

57% of internal audit functions currently assess control weaknesses that enable fraud.

26% of internal audit functions investigate and document AI's role in fraud incidents.

58% of internal audit leaders identify automated social engineering as a leading AI-enabled fraud threat.

28% of internal audit leaders are concerned about fabricated job applications or employee profiles created with AI.

27% of internal audit leaders are concerned about synthetic identity fraud enabled by AI.

57% of internal audit leaders identify a lack of appropriate technology or tools as a primary barrier to improving AI-enabled fraud preparedness.

25% of internal audit functions report extensive use of AI in risk assessment and 39% report occasional use.

Network-layer DDoS attacks targeting OSI layers 3–4 increased 168.2% year over year.

Peak network-layer DDoS attack volumes reached almost 30 Tbps.

Web DDoS attacks targeting OSI layer 7 increased by 101.4% compared to 2024.

Most high-impact Web DDoS attacks now last less than 60 seconds.

EMEA accounted for 57% of all Web DDoS attacks globally.

Bad bot activity increased 91.8%.

APAC's Web DDoS attacks surged 485% year over year.