The manufacturing sector experienced a 61% year-over-year surge in ransomware attacks in 2025, the sharpest growth of any industry.

50.8% of consumers assign responsibility for unauthorized or erroneous AI-driven purchases to the AI platform, 23.2% assign responsibility to the retailer or brand, and 18.7% accept personal responsibility

90% of senior cybersecurity decision makers identify public cloud as a top visibility and vulnerability concern.

Anthropic Claude Opus 4.6 detected an average of 46% of attack evidence per MITRE tactic.

78% of senior cybersecurity decision makers indicate that potential visibility gaps or blind spots could slow detection or investigation of malicious activity.

84% of senior cybersecurity decision makers point to IT vulnerabilities as a worrisome bridge into OT/ICS environments.

The proportion of businesses and charities experiencing any negative outcome following a breach or attack has remained consistent with 2024/2025 (19% for business and 11% for charities in 2025 compared to 16% for both businesses and charities in 2024/2025).

Billing account update requests have a 26.5% compromise rate.

93% of UK organisations have complete or partial visibility over where their data is stored, processed and potentially accessible, including 48% with complete visibility and 45% with only partial visibility.

Connected IoT device counts in manufacturing facilities are projected to more than double between 2025 and 2030.

Confirmed business email compromise (BEC) losses range from $140,000 to $1.5 million, compared to an average of roughly $40,000 in early 2025.

31% of users in monitored SMB environments are exposed to compromised passwords each month.

Over 90% of healthcare and manufacturing organizations have protected fewer than 80% of their critical systems.

Session hijacking incidents increased by 23% over a 180-day period.

21% of organisations have a dedicated team responsible for delivering digital resilience initiatives

80% of IT decision makers see open source as providing greater control over how AI is built and where it runs.

Routine invoice inquiries have a compromise rate of less than 1%.

88% of organizations are actively implementing or have established clearly defined guardrails or governance policies for AI security tools.

78% of cybersecurity professionals confirm that AI has already improved threat intelligence operations to some degree.

56% of organizations either participate in formal threat-sharing networks (35%) or are actively planning to join one (21%).