The highest maximum number of packets transmitted per second recorded was 207,090,400 packets per second in the first half of 2025. 207 million packets per second can paralyze firewalls, servers, and entire networks within seconds.

Between 2019 and 2023, manufacturing experienced large losses primarily from ransomware (86.7%), followed by other causes (10.0%) and data breaches (3.3%).

In 17.0% of cases since 2019, breaches were first reported by external parties.

Only 38% of organizations over 20,000 employees actively pursuing CMMC 2.0 certification achieve top-tier encryption (76-100% coverage).

Average initial ransom demand (based on all cases with ransom demand) in 2019: $7.77 million.

Between 2019 and 2023, other sectors experienced large losses primarily from ransomware (53.1%), followed by data breaches (25.0%) and other causes (21.9%).

The largest DDoS attack between January and July 2025 reached a maximum bandwidth of over 1.2 Tbit/s. This is double the largest attack in the first half of 2024, which was 694 Gbit/s.

63% of organizations actively pursuing CMMC 2.0 certification are in North America.

Healthcare, retail, and manufacturing remained the most targeted sectors.

In 2025, 98% of DDoS attacks routed malicious traffic through the US.

Companies with revenues between $250M and $500M had an average relative frequency of large claims on primary policies of 1.19.

In 6.4% of cases since 2019, the attackers themselves disclosed the breach.

In 42.9% of cases prior to 2019, breaches were first flagged by outside parties such as security firms, regulators, or customers.

Between 2019 and 2023, healthcare experienced large losses primarily from ransomware (57.1%), followed by data breaches (28.6%) and other causes (14.3%).

The average duration business operations were affected by ransomware in financial services was 33 days.

The average duration business operations were affected by ransomware in manufacturing was 62 days.

For data breach cases where the attackers themselves disclosed the breach, it took an average of 17 days to notice the attacker since 2019.

Average initial ransom demand (based on all cases with ransom demand) in 2021: $17.39 million.

In 2023, victims paid on average 39.1% of the initial ransom demand.

Despite a drop in notifications, vendor-related claims still accounted for 15% of incurred losses estimated so far in 2025.