94% of cybersecurity and IT leaders at enterprises can translate security risks for non-technical stakeholders

62% of US IT and security professionals at companies with at least 1,000 employees believe AI makes it more likely their company will need to pay a ransom to regain access to its data after an attack.

9% of U.S. CFOs and senior finance leaders say their cloud spend is staying flat.

24.82% of repositories predate GitHub’s 2023 default token hardening and may retain legacy access settings.

North America's overall fraud attack rate remains roughly 2.2%.

65% of API attacks exploit Security Misconfiguration (OWASP API8)

Nearly two thirds of CISOs report low confidence in their ability to prevent unsafe AI data access.

Average claim severity in Resilience's healthcare portfolio increasesd from $800,000 in 2024 to more than $2 million per incident in 2025.

Only 28% of organizations report full visibility into non-human identities across cloud, on-premises and SaaS environments.

46% of MSPs report that clients ask for best-practice BYOD recommendations

26% of organizations report using automated detection and response to monitor non-human identity activity.

There is a 55 percentage point gap between corporate laptop monitoring (79%) and employee-owned device monitoring (24%) among MSPs

59% of security and engineering teams still negotiate who is responsible for each fix at enterprises.

36% of MSPs prefer to offer BYOD services as an optional add-on to existing services

53% of US IT and security professionals at companies with at least 1,000 employees are very confident they can quickly recover from an AI-driven ransomware attack.

16% of organizations already use Java runtime optimization or JVM tuning.

Roughly 80% of organizations describe 'shadow AI' use as moderate to pervasive.

10.10% of organizations have exposed Anthropic credentials.

In the past 12 months, 27% of organizations report AI-related data breaches.

DDoS attack volumes reached 12 Tbps in Q4, representing a sixfold increase.