43% of cybersecurity decision-makers globally identify AI-related Non-Human Identity management and security as a top identity governance gap.

More than a third of organizations in the US report attempted cyber attacks occurring daily or even more frequently.

67% of U.S. cybersecurity decision-makers are concerned about employees inadvertently exposing sensitive information to AI systems.

42% of organizations globally identify a lack of visibility into the AI tools employees use as a significant identity governance gap.

Only one in nine global ransomware attacks were publicly disclosed in Q1 2026.

There were 2,160 undisclosed ransomware attacks identified in Q1 2026.

Government entities experienced 32 publicly disclosed ransomware attacks (12%) and the technology sector experienced 28 attacks (11%) in Q1 2026.

The Gentlemen claimed 273 attacks since its emergence in 2025 through the end of Q1 2026.

Data exfiltration occured in 96% of ransomware attacks in Q1 2026.

The average volume of data stolen per undisclosed ransomware incident was 743 GB in Q1 2026.

Victims were given an average of 7.7 days to meet ransom demands in Q1 2026.

Undisclosed ransomware attacks increased by 2% year-on-year.

Ransomware victims were located in 97 countries in Q1 2026.

Organizations across 39 countries were impacted by disclosed ransomware attacks in Q1 2026.

Organizations coordinate an average of seven AI models in production.

77% of organizations report that inference is their dominant AI activity.

Only 8% of organizations rely exclusively on public AI services.

88% of organizations have faced AI-related security challenges.

98% of organizations are preparing for agentic AI.

Nearly 29% of organizations identify prompt layers as the top AI delivery mechanism.