Over 50% of organizations use AI to detect threats.

85% of organizations lack proper security controls for AI agents.

85% of organizations state they are "ready for AI in security".

44% of industrial organizations cite risk mitigation as the most laborious task

Over 33% of industrial organizations take more than 90 days to remediate threats.

63% of industrial organizations take over 30 days to remediate threats.

Consumer Discretionary saw a significant increase in attacks, rising from 73 attacks in April to 102 in May.

88% of cybersecurity leaders are concerned about supply chain cyber risks.

Of the organisations affected by KEVs, 51% are affected by KEVs that are also linked to ransomware and are insecurely connected to the internet.

Within organisations affected by KEVS that are also linked to ransomware and are insecurely connected to the internet, 2% of devices contain the same high level of risk, meaning they are essential to business operations and are operating at the highest level of risk exposure

Global ransomware attacks decreased by 6% in May.

Only 30% of organizations regularly map AI agents to critical assets.

More than 70% of organizations reported experiencing at least one material third-party cybersecurity incident in the past year.

5% of organizations suffered ten or more third-party cybersecurity incidents.

19% of industrial organizations identify their cybersecurity maturity as evolving.

Safepay emerged as the most active threat group, responsible for 18% of all attacks in May. This translates to 70 attacks attributed to Safepay in May. Safepay has been active since November 2024.

Play moved to second place with 44 attacks in May.

8% of industrial organizations claim that nation-state actors are their top security concern.

9% of industrial organizations claim that zero-day vulnerabilities are their top security concern.

Qilin dropped to third place with 42 attacks in May.