Phishing accounts for 44% of AI-assisted initial access attempts.

Only 31% of organizations operate a centralized, highly automated security ecosystem.

91% of organizations that report being "very confident" in their AppSec strategy still experience a production incident that bypasses pre-production controls.

67% of organizations report that AI coding assistants are now widely adopted across development teams.

Only 7% of organizations are truly AI-ready.

Only 17% of AI agent assigned defense credits are backed by public evidence — published research, inspectable code, or documented compliance.

96% of enterprises have no automated way to stop a hijacked AI agent.

31% of people working in cybersecurity roles express moderate confidence in current cybersecurity upper leadership.

15% of people working in cybersecurity roles are only slightly confident in current cybersecurity upper leadership.

86% of people working in cybersecurity roles mark being transparent about decisions and actions as very important in a cybersecurity leader.

85% of people working in cybersecurity roles mark decision-making under pressure as very important in a cybersecurity leader.

82% of people working in cybersecurity roles mark building and leading high-performing teams as very important in a cybersecurity leader.

75% of people working in cybersecurity roles mark technical cybersecurity expertise as very important in a cybersecurity leader.

41% of people working in cybersecurity roles somewhat agree that previous leadership experience during a high-profile cybersecurity incident bolsters a leader's credibility.

35% of people working in cybersecurity roles strongly agree that previous leadership experience during a high-profile cybersecurity incident bolsters a leader's credibility.

18% of people working in cybersecurity roles prefer strategic and executive leadership experience over hands-on technical incident experience in a cybersecurity leader.

11% of people working in cybersecurity roles prefer hands-on technical incident experience over strategic and executive leadership experience in a cybersecurity leader.

Cybersecurity budgets among larger or IT-intensive organizations in the Nordics is approximately 2% of the IT budget.

Cybersecurity budgets among regulated, industrial, or OT-intensive environments in the Nordics is approximately 15% of the IT budget.

68% of Nordic CISOs reported an increase in cybersecurity budgets, bringing it to the 2024 level, while 14% reported no changes, and 9% reported a decrease in budget.