25% of internal audit functions report extensive use of AI in risk assessment and 39% report occasional use.

19% of internal audit functions report extensive use of AI in fieldwork and 39% report occasional use.

Network-layer DDoS attacks targeting OSI layers 3–4 increased 168.2% year over year.

Peak network-layer DDoS attack volumes reached almost 30 Tbps.

In the second half of 2025 the average Radware customer experienced more than 25,351 network-layer DDoS attacks, averaging 139 attacks per day.

Web DDoS attacks targeting OSI layer 7 increased by 101.4% compared to 2024.

Most high-impact Web DDoS attacks now last less than 60 seconds.

94.4% of Web DDoS attacks measured under 100,000 requests per second.

EMEA accounted for 57% of all Web DDoS attacks globally.

Bad bot activity increased 91.8%.

APAC's Web DDoS attacks surged 485% year over year.

92% of security professionals say automation reduces their team's mean time to respond.

51% of companies use a cybersecurity exposure score or risk-based index.

70% of CIOs expect new AI audit or explainability requirements within the next 12 months.

87% of CIOs say AI agents are already embedded in critical operations.

The services industry recorded a 118% year-on-year increase in ransomware attack volume in 2025.

The healthcare sector accounted for 22% of all disclosed ransomware attacks in 2025.

The education sector saw ransomware attacks decrease by approximately 12% year-on-year in 2025.

Approximately 86% of ransomware attacks are never publicly reported.

The Qilin ransomware group claimed 1,115 victims in 2025, making it the most active ransomware group across disclosed and undisclosed attacks.