97% of respondents reporting that tool fragmentation adds additional time to identity-related incidents, amounting to an average of 12 hours per incident.

Financial services applications faced a 91% attack rate in 2026, the highest recorded for any vertical.

74% of digital trust professionals cited privacy violations as an AI risk.

66% of decision makers said that protecting enterprise data at scale was a security priority over the next 12 months.

Legal and Governance departments account for 19.5% of all AI hours, with 81% of that use occurring on enterprise plans.

35% of decision makers said that protecting enterprise data at scale was a mission-critical security priority over the next 12 months.

64% of decision makers said that improving the overall security posture related to external threats was a security priority over the next 12 months.

63% of decision makers said that taking a more proactive approch to security was a security priority over the next 12 months.

58% of decision makers said that improving the overall security posture related to internal threats was a security priority over the next 12 months.

65% of organizations use IAM systems.

60% of organizations use vulnerability management tools.

56% of leaders lack a full view of risks and vulnerabilities within business systems.

13% of employees say they’ve sold or know someone who has sold company login details – often under the belief it’s harmless

8% of organizations expose UPnP on the public internet.

Organizations with over 5,000 employees manage more than twice as many external assets as organizations with 1,000–5,000 employees.

50% of small business owners say financial institutions are "very responsible" for preventing and protecting against fraud.

43% of affected small businesses say fraud makes it harder to accept payments.

65% of organizations report challenges with shadow AI.

Only 40% of organizations have a formal AI governance framework in place.

One in three large organizations lack a formal AI governance framework.