39% of enterprises identify investigation and analysis as a top bottleneck in workflows.

29% of enterprises report transitions between teams or tools as a meaningful source of workflow delay.

55% of teams at enterprises report that AI has met expectations in security operations.

57% of healthcare organizations use AI-enabled or AI-assisted medical technologies.

80% of healthcare organizations report moderate to high concern about the cybersecurity risks associated with AI-enabled or AI-assisted medical systems.

40% of organizations rank integrating generative and agentic AI into the business among their top three cybersecurity priorities.

36% of organizations rank privilege relationships among their top three cybersecurity priorities.

32% of organizations cite tool complexity as a barrier to operationalizing Identity APM.

32% of organizations cite integration challenges as a barrier to operationalizing Identity APM.

30% of organizations are actively researching or evaluating an identity-based Attack Path Management (APM) solution.

Anthropic Opus 4.6 incured roughly 100 times the detection cost of Google Gemini 3 Flash in the benchmark.

46% of IT security professionals report that AI is contributing to a rise in adaptive and evasive malware.

31.2% of consumers choose general AI tools such as ChatGPT or Gemini for agentic commerce, 27.0% favor retailer websites or apps, and 24.4% indicate no preferred platform

Up to one third of employees operate beyond IT oversight when using AI.

More than 70% of employees worldwide use AI on a weekly basis.

The top three targeted sectors by ransomware victims were manufacturing (1,284), business services (824), and retail (682).

Ransomware victims concentrate geographically with the U.S. at 3,381, Canada at 374, and Germany at 291.

Global exploitation attempts increased 25.49% year-over-year.

The proportion of charities experiencing a takeover has decreased from 3% in 2024/2025 to 1% this year (although was in line with 2% in 2023/2024).

Around eight in ten businesses (81%) and charities (84%) said they informed directors or trustees following an incident, and 62% of businesses and 73% of charities said they kept an internal record of the incident.