Credentials or data were stolen in nearly half of all cyberattacks.

Extortion following a ransom demand occurred in 12% of cases.

Compromised network edge devices account for a quarter of the initial compromises of businesses in cases that could be confirmed from telemetry.

Over 60% of financial services firms anticipate using more sophisticated AI tools by 2030.

Use of remote ransomware increased 50 percent in 2024 over last year.

43% of the top 100 apps use one or more cryptographic methods that do not follow best practices.

Most active STAC campaigns tracked by Sophos MDR in 2024 were ransomware-related.

Only 9% of financial services firms have adopted more advanced "automated regulatory intelligence" platforms.

88% of all apps use one or more cryptographic methods that do not follow best practices.

71% of financial services firms noted data protection concerns are driven by the volume of sensitive data required to support AI models.

47% of financial services firms take a "learn as I go" approach to AI education.

The Veeam vulnerability (CVE-2024-40711) and similar documented vulnerabilities played a role in nearly 15 percent of the cases Sophos MDR tracked involving malicious intrusions in 2024.

65% of financial services firms cite data protection as the primary barrier to AI adoption.

The use of remote ransomware increased 50 percent in 2024 over last year, and 141 percent since 2022.

103 of 9,078 analyzed Android apps were found to use unprotected or misconfigured cloud storage. 4 of these Android apps were in the top 1000 of the PlayStore popularity list.

Use of remote ransomware increased 141 percent since 2022.

51% of financial services firms block open-access AI tools entirely.

Obsolete and unpatched hardware and software constitute an ever-growing source of security vulnerabilities.

62% of all analysed apps use some kind of cloud API or SDK.

52% of financial services firms report using preliminary AI tools for tasks such as information retrieval and data enrichment.