Legal and Governance departments account for 19.5% of all AI hours, with 81% of that use occurring on enterprise plans.

35% of decision makers said that protecting enterprise data at scale was a mission-critical security priority over the next 12 months.

64% of decision makers said that improving the overall security posture related to external threats was a security priority over the next 12 months.

63% of decision makers said that taking a more proactive approch to security was a security priority over the next 12 months.

65% of organizations use IAM systems.

60% of organizations use vulnerability management tools.

56% of leaders lack a full view of risks and vulnerabilities within business systems.

8% of organizations expose UPnP on the public internet.

Organizations with over 5,000 employees manage more than twice as many external assets as organizations with 1,000–5,000 employees.

43% of affected small businesses say fraud makes it harder to accept payments.

50% of small business owners say financial institutions are "very responsible" for preventing and protecting against fraud.

65% of organizations report challenges with shadow AI.

Only 40% of organizations have a formal AI governance framework in place.

One in three large organizations lack a formal AI governance framework.

63% of law firm decision-makers report a significant email-based security breach in the past 12 months.

83% of law firm clients say a firm's technology sophistication affects their confidence.

57% of law firms reported a mobile-related breach.

72% of organizations do not detect credential misuse in real time, often taking hours or sometimes days or weeks to identify unauthorized privileged access.

51% of U.S. cybersecurity decision-makers identify AI-related Non-Human Identity management and security as a top identity governance gap.

43% of cybersecurity decision-makers globally identify AI-related Non-Human Identity management and security as a top identity governance gap.