36% of respondents in Africa and 42% in Latin America lack confidence in their country's ability to respond to major cyber incidents targeting critical infrastructure.

Six "mega-breaches" accounted for more than 1.4 billion of the 1.7 billion victim notices issued in 2024.

75% of IT leaders in the UK agree that outbound email security doesn’t get as much attention beyond compliance, but it is the silent security killer

66% of IT leaders in Belgium agree that outbound email security doesn’t get as much attention beyond compliance, but it is the silent security killer

54.2% of respondents to the CISO Society survey feel that they have the talent to meet future regulatory requirements.

20% of CISOs are concerned about their organisation's ability to handle a cyber crisis because of the lack of incident response planning.

Research shows over 210 million compromised passwords.

On average, the number of genAI apps blocked per organization has remained steady over the past year and is currently at 2.4 apps per organization.

There has been a significant increase in the number of apps blocked by the top 25% of organizations, where the number of blocked apps more than doubled from 6.3 to 14.6 over the past year

ZeroFox identified 45 new R&DE collectives during 2024, compared to 35 during 2023.

After analysing 1.8 million breached administrator credentials, 40,000 admin portal accounts were found to be using ‘admin’ as a password.

57% of AI-powered APIs were externally accessible.

89% of AI-powered APIs relied on insecure authentication mechanisms, like static keys.

Only 27% of the time does the user proceed when presented with a real-time coaching prompt. The other 73% of the time, the user decides not to continue based on the information provided in the coaching prompt.

34% of enterprises admit their security controls are lagging behind AI's rapid deployment.

Supply chain exploits accounted for 1.1% of the CISA KEV exploits.

IT leaders prioritize inbound threats like phishing, with 47% citing it as a top concern. However, two-thirds acknowledge that outbound breaches from human errors cause more data loss than social engineering attacks.

16% of respondents indicated that the speed of filling open legal/compliance privacy roles increased.

32% of leaders cite increased focus on risk mitigation as their motivation for change in their security focus

67% of IT leaders claim that email doesn’t get the security attention it deserves.