The majority of sensitive data exposure (roughly 85%) due to the use of Chinese GenAI tools occurred via DeepSeek, followed by Moonshot Kimi, Qwen, Baidu Chat and Manus.

35% of IT and security decision-makers are uncertain whether printers can be fully and safely wiped using current sanitisation solutions.

39% of senior IT decision makers at financial services reported DORA remains a central focus.

Only 32% of IT and security decision-makers can detect security events linked to hardware-level attacks.

1-in-10 (10%) of IT and security decision-makers insist on destroying both the device and its storage drives to ensure data security.

Only 20% of financial services organizations have yet to implement third-party risk oversight (a DORA requirement).

HR-related themes were cited in 42.5% of phishing failures.

Code and development artifacts made up 32.8% of sensitive data exposed through employee use of Chinese GenAI tools at work.

71.9% of interactions with malicious landing pages involved branded content.

Stolen identity "fullz" (comprehensive personal information) can be bought for as little as $3 on the dark web.

Financial information accounted for 14.4% of sensitive data exposed through employee use of Chinese GenAI tools at work.

Customer data represented 12.0% of sensitive data exposed through employee use of Chinese GenAI tools at work.

Legal documents made up 4.9% of sensitive data exposed through employee use of Chinese GenAI tools at work.

42% of IT and security decision-makers fail to involve IT/security teams in vendor presentations.

On average, IT and security decision-makers report having approximately 80 printers that are redundant or are in the process of being decommissioned within their organizations.

20% of financial services organizations have yet to secure the necessary budget to meet DORA requirements.

80.6% of the top 20 clicked links originated from internally-themed simulations.

PDF attachment clicks in phishing simulations increased by 8.1% compared to Q1 2025.

Among internally-themed links, 68.2% utilised domain spoofing techniques.

Developer teams remediate, on average, 6 application vulnerabilities per month.