In 2025, more than 90% of open source vulnerability (OSV) malware advisories were reported, a 14x increase over the past two years.

79% of board chairs and independent directors say the board reviews and approves the bank’s cybersecurity strategy.

47% of directors say the board invited outside experts to speak about cybersecurity trends over the past 12 months.

89% of bank CEOs and technology executives say their bank conducted a tabletop exercise of its cybersecurity incident response plan in the prior 12 months.

20% of bank leaders believe their bank or its customers were impacted by fraud involving AI or deepfake media in the prior 18 months.

High- and medium-severity attacks surged 20.8% to more than 13 billion hits.

Log4j generated 824.9 million IPS hits in 2025.

129 ransomware groups were active during 2025.

Global ransomware payments reached $820 million in 2025.

Organizations allocate an average of about 6% of security budgets to AI-agent risk.

27.8% of enterprises have moved to fully autonomous operations.

67% of enterprises say their biggest fear is deploying AI without proper expertise.

By 2028, enterprises expect 38% of network operations to be AI-assisted with humans making final decisions.

By 2028, enterprises expect 32% of network operations to remain traditionally human-managed.

68% of organizations report that less than 80% of their unstructured data is protected.

56% of organizations have only partial visibility into where their data is stored.

32% of organizations use 11 or more tools to manage their unstructured data.

Popular tools for managing unstructured data include data encryption (62%), cloud security (60%), application security (59%), and identity and access management (56%).

Education has 15% consumer trust

Retail has 10% consumer trust