The number of data compromises in 2025 (3,322) increases by five percentage points compared to 2024 (3,152) (2025)

92% of security professionals believe intelligent workflows would add value to their organizations.

28% of cybersecurity professionals in North America and Europe at companies with at least 1,000 employees believe they can prevent a rogue AI agent from causing damage (2026).

90% of security leaders say AI/ML is extremely or very valuable in reducing alert fatigue and improving detection accuracy.

Nearly 40 percent of the 1,040 consumers surveyed received three to five separate data breach notices in the past 12 months (2025)

25% of IT and security leaders say their threat detection and response process is fully automated.

86% of cybersecurity professionals in North America and Europe at companies with at least 1,000 employees agree that AI agents and autonomous systems cannot be fully trusted without unique, dynamic digital identities (2026).

93% of enterprise organizations use at least three security operations tools.

77% of advanced email attacks failed SPF, DKIM, or DMARC authentication yet still reached inboxes.

65% of organizations in Latin America and the Caribbean reported insufficient cybersecurity skills to achieve their security objectives.

In 2025, 68% of CISOs agreed that their organization currently has a Cyber Resilience strategy in place.

88% of U.S. organizations manage two or more identity security tools, creating fragmentation that introduces blind spots.

63% of organizations in sub-Saharan Africa reported insufficient cybersecurity skills to achieve their security objectives.

77% of advanced email attacks impersonated business-critical brands such as DocuSign, Microsoft, and Google.

54% of U.S. organizations uncover unmanaged privileged accounts and secrets every week.

Clicks on phishing links decreased by 27%, from 119 per 10,000 users last year to 87 per 10,000 users this year.

Only 1% of U.S. organizations have fully implemented a modern Just-in-Time (JIT) privileged access model.

60% of insider threat incidents involved personal cloud application instances in 2025.

The average organization saw a twofold increase in data policy violations related to generative AI applications over the past year.

In 2025, attacks bypassing multifactor authentication (MFA) were reported in 48% of phishing attacks.