Adversary-in-the-middle (AiTM) attacks accounted for 39% of these incidents.

Of the never-seen-before spam emails, 37% fell into the commercial, 32% into the scam, and 21% into the phishing categories of spam.

28% of insurance companies reported breaches—higher than the S&P 500 (21%) and double the U.S. energy industry (14%).

The median ransom payment rose from $199,000 in 2023 to $1,500,000 in 2024.

29% of IT leaders say expanding and more complex data security threats is among the biggest security vulnerabilities in organizations

49% of employees in Germany say they frequently use IT policy workarounds to “get the job done” and save time or effort.

High-severity KEVs saw a 25% reduction in remediation time.

86% of respondents said privacy training and awareness programs had a positive impact on overall employee privacy awareness.

40% of respondents felt completely or very confident in their organisation’s ability to ensure the privacy of its sensitive data.

6% of IT leaders have email security training on outbound threats only

12% of respondents' organisations experienced a material privacy breach in the past 12 months.

5% of IT leaders don't have email security training

15% of CISOs ranked compliance status as a top performance metric, compared to 45% of boards.

47% of ransomware attacks against energy and utilities sector were in the United States.

41% of IT leaders prioritize certified email authentication and access control for email security investment.

18% of CISOs claimed they were unable to support a business initiative due to budget cuts in the past year, and 64% said that lack of support led to a cyberattack.

Nearly half of the 1,110 initial access listings collected in Q4 2024 were related to US-based companies.

1-25% of CISOs reported that emerging domains including AI, M&A security, change management, IT due diligence, digital transformation, and innovation were being added to their workload.

Enterprise users clicked on phishing lures at a rate nearly three times higher in 2024 compared to 2023.

More than eight out of every 1,000 users clicked on a phishing link each month, up 190% from last year.