Organizations recognize the importance of email security training, with 95% of IT leaders confirming its availability within their companies

Roughly 50% of CISOs expect automation to optimize compliance through a single pane of glass.

50% of CISOs said that, on an annual basis, they spend more than $200,000 worth of capital and dedicated staff resources to achieve and maintain compliance across their organisation.

Roughly 20% of the domains registered by Scattered Spider imitated Gateway and Network Infrastructure.

DLP adoption varies widely by industry, with the telecommunications sector leading all others at 64% DLP adoption for genAI.

46.2% of organisations said they don’t have a sufficient budget to invest in GRC tools.

At the current trajectory, 96% of organizations will be using genAI apps by the end of 2025.

31.1 million breached passwords were over 16 characters in length.

Regarding phishing links, URL redirection was the most employed tactic (51%), followed by compromised websites (19%) and newly created domains (7%).

83% of compromised passwords satisfied the length and complexity requirements of regulatory password standards.

29% indicated there were open technical privacy positions.

61% of employers say hybrid working makes it difficult to maintain consistent supervision and control of their employees.

93% of employees identify email as “important” or “very important” to their day-to-day work

Roughly two-fifths of CISOs are challenged by evidence gathering (41.5%) as a challenge in satisfying regulatory requirements.

23% of employees say classroom training is the most engaging/effective email security training format

59% of CISOs said they would become a whistleblower if their organisation was ignoring compliance requirements.

24% expect their privacy budget to stay the same in the next 12 months.

36% of employers have considered moving to full-time in-office work based on employee monitoring methods.

40% of businesses view data sovereignty as a compliance issue.

50% of employees said they would inform the recipient if they made an email error, 44% would notify their IT team or line manager, 31% would tell a friend or colleague, and 9% admitted they wouldn't tell anyone.