Completing forensic investigations faster reduced time to notification by three days.

57% of organizations report moderate or high confidence in identity scoping for AI agents.

59% of enterprises confirm or suspect the presence of shadow AI within their environments.

40% of the riskiest device types are new compared to last year.

75% of the riskiest device types are new compared to two years ago.

Nearly 90% of organizations are already using or planning to use GenAI in API development

Legacy Windows operating systems are most prevalent in retail (39%), healthcare (35%), and financial services (29%).

Telnet exposure in manufacturing is 12%, up from 5%.

Routers account for one-third of the most critical vulnerabilities in organizational networks.

According to their data leak site, in 2025, Qilin targeted more than 40 victims every month except January.

38% of bank leaders believe their primary regulator was understaffed or otherwise underresourced.

36% of bank leaders cite overreliance on one individual or function as a common gap found in tabletop cybersecurity exercises.

35% of bank leaders cite internal communications as a common gap found in tabletop cybersecurity exercises.

Identity, cloud, and credential compromise accounted for 85% of actionable security alerts.

Global traceable ransomware payments fell from $892 million in 2024 to $820 million in 2025.

45% of organizations emphasize the need for traceability and auditability of AI-driven actions.

Of organizations that use 11 or more tools to manage unstructured data, 12% rely on at least 21 tools.

76% of cybersecurity professionals say non-human identities are not consistently governed under privileged access policies.

By 2028, enterprises expect only 29% of network operations to be fully autonomous.

85% of enterprises believe they have the in-house expertise to manage autonomous AI networks.