December 2024 saw the highest monthly volume of global ransomware attacks ever recorded, with 574 attacks detected by NCC Group. This is the highest number since they began monitoring ransomware activity in 2021.

Half of respondents said their organisation will divert capital allocations from other budget areas to fund AI initiatives.

71% of UK organisations feel their current cybersecurity budgets are adequate for ensuring cyber safety.

35% of small organisations believe their cyber resilience is inadequate, which is a sevenfold increase since 2022.

Threat actors using IABs can achieve breakout times as fast as 27 minutes.

Ransomware attacks targeting South America increased from 35 to 404 in December vs November.

Europe was the second most targeted region, with 18% of ransomware attacks, or 100 attacks, in December 2024.

29% of British employers have fired or disciplined employees based on their recorded emails and messages.

60% of board members acknowledge that board members with cybersecurity backgrounds more heavily influence security decisions.

Vulnerability exploitation accounted for over 17% of initial access incidents among ReliaQuest customers in 2024.

32% revealed the attackers demanded further payment or threatened more attacks.

Board members with a CISO background report stronger relationships with security teams and feel more confident about the organisation’s security posture.

37% of board members with a CISO background express concern that they are not doing enough to protect the organisation, compared to a survey average of 62%.

More than 50% of all recorded CISA exploited vulnerabilities were API-related for the first time, a 30% increase from the year before.

29% of CISOs say they receive adequate budget to accomplish their goals, compared to 41% of board members who think the function has enough funds.

North America was consistently the most-targeted region during 2024, accounting for an average of approximately 58 percent of global R&DE attacks.

73% of the time, when prompted with warnings of a potential company violation, users opt not to proceed based on coaching information provided.

73% of consumers reported they had reduced trust in the smartphone brand and operating system developer following a security issue.

More than a quarter (28%) of UK bosses have used monitoring tools to assess potential union formation.

31% of CISOs are concerned about their organisation's ability to handle a cyber crisis because of the rising volume of cyber incidents.