71% of CIOs say it is likely their AI budget will be cut or frozen if targets aren’t met by the end of the first half of 2026.

54% of CIOs say they have discovered unsanctioned 'shadow AI' in use inside their organizations.

25% of CIOs report having full real-time visibility into all AI agents running in production.

60% of CIOs say their own job would be at high risk if the AI market contracts or an AI bubble bursts.

Australia and the United Kingdom recorded 110 and 42 disclosed ransomware attacks respectively in 2025.

The United States suffered 3,768 undisclosed ransomware incidents in 2025.

Canada accounted for 6% and Germany accounted for 4% of undisclosed ransomware attacks in 2025.

Organizations across 135 countries, representing 69% of countries worldwide, were impacted by ransomware attacks in 2025.

Undisclosed ransomware victims announced on dark web leak sites totaled 7,079 in 2025, a 37% increase compared to 2024.

Publicly disclosed ransomware increased by 49% year-on-year, reaching 1,174 incidents, nearly four times higher than in 2020.

Adversaries shifted 80% of their tradecraft toward stealth, evasion, and persistence in 2025.

Use of data encryption for impact (ransomware encryption) dropped by 38%.

Process injection accounted for 30% of attacker techniques and is the top technique for the third consecutive year.

One in four attacks involve stealing saved passwords from browsers to authenticate as valid users.

The Lazarus threat actor group has over 40 distinct designations across the industry.

Exploit weaponization can occur in under 24 hours.

The INC ransomware group claimed 66 victims in undisclosed activity in 2025.

The Akira ransomware group was linked to 776 total recorded attacks in 2025.

Most large organizations have accurate inventories for only about 25% of their total assets.

47% of companies use mean time to remediate as a cybersecurity metric.