61% said privacy awareness training was separate from security training.

Organisations can experience nearly 4 times better return on investment (ROI) from their cybersecurity investments by consolidating multiple tools into a unified platform.

The average number of breach notifications in 2024 increased slightly to 363 from 335 in 2023.

34% of IT leaders say too many separate security solutions - lack of integration, security gaps a, and / or duplication is among the biggest security vulnerabilities in organizations

The second most active ransomware group in December was Clop with 68 attacks, followed by Akira with 43 attacks and RansomHub with 41 attacks.

51% of CISOs see upskilling or reskilling security employees as a priority, versus 27% of boards.

24% of respondents said they have fallen victim to smartphone phishing attacks.

36% of CISOs consider contributing to revenue growth initiatives a priority compared to 24% of board members.

46% of CISOs said attaining security milestones was indicative of their success, compared to only 19% of board respondents.

51% of ransomware victims paid a ransom demand.

In 2024, there was an average of three monthly API-related breach incidents—and, at times, as many as five to seven breaches each month.

18% of CISOs revealed they were unable to support a business initiative because of budget cuts in the last 12 months.

38% of IT leaders say lack of awareness and understanding of security by employees is among the biggest security vulnerabilities in organizations

53.2% of CISOs take note of their organisation's regulatory requirements.

"Akira" more than doubled its Q3 count and listed 71 organisations on data-leak sites in December alone.

60% of employees in financial services say they frequently use IT policy workarounds to “get the job done” and save time or effort.

38% of public-sector organisations report insufficient resilience, compared to 10% of medium-to-large private-sector organisations.

The fastest recorded lateral movement occurred in just 27 minutes.

ZeroFox observed at least 4,950 separate ransomware and digital extortion (R&DE) incidents throughout 2024, which is significantly more than the approximately 4,000 incidents observed during 2023.

Industries with the lowest AI adoption rates that will see increases next year include banking, state governments, local governments, and education. Even in these industries, adoption is already high, at or above 85%.