Applications face an average of 17 new application vulnerabilities per month.

Internal-themed topics accounted for 98.4% of the top 10 most-clicked email templates in the phishing simulations.

PDFs comprised the majority, 61.1%, of the top 20 attachments clicked in phishing simulations.

PDF attachment clicks in phishing simulations increased by 8.1% compared to Q1 2025.

Only 35% of IT and security decision-makers are able to identify vulnerable printers based on newly published hardware or firmware vulnerabilities.

Only 34% of IT and security decision-makers can track unauthorized hardware changes made by users or support teams.

70% of IT and security decision-makers are increasingly worried about offline threats, such as employees printing and mishandling sensitive company information.

96% of EMEA financial services organizations believe they need to improve their resilience to meet DORA requirements.

71.9% of interactions with malicious landing pages involved branded content.

34% of financial services organizations cite third-party risk oversight as the most challenging DORA requirement to implement.

It takes an average of 84 days to patch even the most critical flaws in applications.

IT-related themes were cited in 21.5% of phishing failures.

In 2025, 74% of global consumers said they would willingly spend more time on identity verification when accessing travel and hospitality-related platforms if it improved their security. This is up from 71% in 2024.

A total of 276 publicly disclosed ransomware incidents occurred from April to June 2025.

April experienced a 51% increase in publicly disclosed ransomware attacks year-on-year, with a total of 89 attacks.

69% of respondents globally believe AI-powered fraud now poses a greater threat to personal security than traditional forms of identity theft.

There was a 63% increase in publicly disclosed ransomware attack volumes in Q2 2025 compared to Q2 2024.

31% of cybersecurity professionals believe that AI will create new types of entry- and junior-level roles or increase demand.

The smallest organizations are among the most conservative when it comes to adopting AI tools, with 23% reporting no plans to evaluate AI security tools.

Mid-to-large (2,500–9,999 employees) and smaller (100–499 employees) organizations each have 33% adoption rates of AI tools.