68% of enterprise leaders use SIEM integration for visibility of backbone traffic.

77% of enterprise leaders say data sovereignty requirements heavily influence their choice of backbone provider.

85% of hackers believe reporting critical vulnerabilities is more important than making money.

Women represent just 5% of the hacker community.

Cyber criminals are responsible for nearly six times more cyber incidents than state-sponsored actors.

Exploits against IoT devices increase from 16% to 19%, with IP cameras and NVRs the most frequent targets.

Exploits targeting network infrastructure devices represent 19% of all observed exploits, making them the second most common attack category.

Two of the top 10 most exploited Autonomous Systems from 2024 drop off the top-10 list in 2025, while three new Autonomous Systems had not previously ranked in the top 500.

242 vulnerabilities are added to the CISA Known Exploited Vulnerabilities catalog, a 30% year-over-year increase, and 285 vulnerabilities are added to the Vedere Labs KEV, a 213% year-over-year increase.

Discovery activity accounts for 91% of post-exploitation actions, up from 25% in 2023.

48% of enterprise leaders are not fully confident they could demonstrate compliance with data protection regulations.

Only 52% of enterprise leaders feel very confident about the security of data travelling across their own networks.

Attacks using OT protocols surge by 84%, led by Modbus (57%), Ethernet/IP (22%), and BACnet (8%).

62% of organizations experience deepfake incidents.

98% of hackers remain proud of their work.

81% of banks experienced at least one unauthorized network access incident in the past year.

16% of banks have an enterprise-wide AI roadmap.

32% of cybersecurity leaders report AI-related attacks.

Only 28% of leaders in France feel certain they meet regulatory requirements, compared to 60% in the UK.

56% of hackers say geopolitics now outweighs pure curiosity as a driving factor in hacking.