Europe
We've curated 98 cybersecurity statistics about Europe to help you understand how data protection laws and emerging threats are shaping the cybersecurity landscape across the continent in 2025.
Related Topics
Showing 61-80 of 98 results
Only 12% of professionals reported having a strong talent pipeline for digital trust roles.
45% of professionals indicated they will be hiring for more digital trust roles in 2026 than in 2025.
DEVMAN has claimed 19 ransomware attacks across Asia, Africa, Europe, and Latin America.
13.4% of assessed objectives were financially-motivated.
State-aligned operations, often driven by low-impact DDoS campaigns targeting EU Member States’ organisations’ websites, resulted in service disruption in only 2% of incidents.
79.4% of assessed objectives were ideology driven.
Vulnerability exploitation accounted for 21.3% of initial access vectors.
7.2% of assessed objectives were cyberespionage.
Public Administration was the most targeted sector in the EU, accounting for just over 38% of incidents.
Top Shares of Recorded Incidents by Sector in the EU: 38.2%: Public Administration, 28.5%: Unknown, 7.5%: Transport (second most targeted sector), 4.8%: Finance, 4.5%: Energy, 2.9%: Education, 2.3%: Health, 2.2%: Digital Infrastructure & Services, 1.7%: Manufacturing, 1.2%: Media & Entertainment.
Vulnerability exploitation led to malware deployment as a follow-up activity in 68% of cases.
Ransomware remained the most impactful cybercrime tool despite a reported decrease of 11% compared to the previous ENISA Threat Landscape (ETL) report.
Insider threats accounted for 0.8% of initial access vectors.
Phishing (including malspam, vishing, and malvertising) was the dominant intrusion vector, accounting for approx. 60% of cases..
NoName057(16) was responsible for over 60% of claims in the realm of hacktivism, sustained by its DDoSia platform
Botnet accounted for 9.9% of initial access vectors.
Essential entities (including public administration, transport, digital infrastructure and services, finance, and manufacturing) represent 53.7% of the total number of recorded incidents in the EU.
Malicious applications accounted for 8% of initial access vectors.
Within Public Administration, incidents were dominated by low-impact DDoS campaigns (94.8%).
In North America and Europe, over 60% of websites lack any bot protection.