More than 50% of education desktops and mobile devices are unencrypted.

The mean time from a vulnerability's publication to its inclusion in the CISA KEV catalog dropped from 61.0 days to 28.5 days.

Ransomware was involved in 42% of Rapid7 MDR incident response investigations last year.

Total ransomware leak posts increased 46.4% year over year, rising to 8,835 in 2025.

Through 2030, 33% of IT work will be spent remediating AI data debt to secure AI.

61% of U.S. respondents say their organization’s average ransomware payout exceeds its annual cybersecurity budget. 83%

The United States accounted for 23% of application-layer DDoS attack representation.

Technology, financial services, and gaming accounted for 34%, 20%, and 19% of DDoS attacks, respectively.

Mexico and Brazil together accounted for 55% of observed DDoS attack activity.

75% of large U.S. companies say Harvest Now, Decrypt Later (HNDL) attacks must be addressed most urgently.

80% of companies say data privacy breaches are the top generative AI security risk.

77% of large U.S. companies are concerned about intellectual property theft as a generative AI security risk.

Over 90% of large U.S. companies use AI in daily production operations.

62% of organizations say it is difficult to minimize model and bias risks in language model development.

Across all industries, 20% of connected devices store sensitive data.

48% of organizations rate AI as effective in threat detection and hunting for deeper insights and reducing manual workload.

Last year, 18% of connected devices stored sensitive data, 35% lacked encryption, and 26% were unaccounted for.

45% of organizations cite errors in AI decision rules as a top barrier to operational effectiveness.

The average ransomware payment increased 36% to $682,702 compared to the previous year.

Usage of AI assistant apps increased nearly 1000% in 2025 across all major operating systems.