The proportion of businesses and charities experiencing any negative outcome following a breach or attack has remained consistent with 2024/2025 (19% for business and 11% for charities in 2025 compared to 16% for both businesses and charities in 2024/2025).

Billing account update requests have a 26.5% compromise rate.

93% of UK organisations have complete or partial visibility over where their data is stored, processed and potentially accessible, including 48% with complete visibility and 45% with only partial visibility.

Connected IoT device counts in manufacturing facilities are projected to more than double between 2025 and 2030.

Confirmed business email compromise (BEC) losses range from $140,000 to $1.5 million, compared to an average of roughly $40,000 in early 2025.

31% of users in monitored SMB environments are exposed to compromised passwords each month.

Session hijacking incidents increased by 23% over a 180-day period.

Over 90% of healthcare and manufacturing organizations have protected fewer than 80% of their critical systems.

21% of organisations have a dedicated team responsible for delivering digital resilience initiatives

80% of IT decision makers see open source as providing greater control over how AI is built and where it runs.

Routine invoice inquiries have a compromise rate of less than 1%.

88% of organizations are actively implementing or have established clearly defined guardrails or governance policies for AI security tools.

78% of cybersecurity professionals confirm that AI has already improved threat intelligence operations to some degree.

56% of organizations either participate in formal threat-sharing networks (35%) or are actively planning to join one (21%).

IT professionals see their roles as 52% more strategic compared to two years prior.

IT professionals see their roles as 52% more automation-driven compared to two years prior.

81% of IT professionals agree AI is changing how teams work more than how much they work.

Among organizations hit by ransomware where operations or data were affected, only 28% fully recovered all affected data.

36% of organizations cite cyberattacks as a top emerging threat.

43% of organizations say AI adoption is outpacing their ability to secure data and models.