8% of enterprises say AI agents never exceed their intended permissions.

54% of enterprises report having between 1 and 100 unsanctioned AI agents.

16% of enterprises report high confidence in their ability to detect AI agent-specific threats.

53% of enterprises have had AI agents exceed their intended permissions, leaving them vulnerable to increased risk.

47% of enterprises experienced a security incident involving an AI agent in the past year.

43% of enterprises report that more than half of employees use AI agents regularly.

AI agent usage occurs in IT (53%), Security (37%), Customer Service (34%), and Engineering (34%).

HIPAA (43%), the NIST AI Risk Management Framework (37%), and SOC 2 or ISO 27001 (34%) are the frameworks that most influence enterprises' AI agent governance.

13% of enterprises feel highly prepared for upcoming AI-related regulations.

49% of enterprises feel slightly or not at all prepared for upcoming AI-related regulations.

The ransom payment rate in healthcare is 68%–72% compared with about 40% in other sectors.

Medical records sell for $250 to $1,000 each on illicit markets.

59% of cyberattacks on healthcare organizations involve ransomware.

56% of cyberattacks on healthcare organizations target U.S.-based organizations.

VPN and remote access systems account for roughly one-third of initial access vectors in healthcare cyberattacks.

Hospitals can lose $1,000,000 to $2,000,000 per day during operational disruptions caused by cyberattacks.

79% of cybersecurity professionals say threat intelligence sharing is critical or very important for detection and response workflows.

Real-time sharing of threat intelligence across SecOps, incident response, and vulnerability management nearly doubled from 17% in 2025 to 32% in 2026.

51% of observed ransomware victims in Q1 2026 were based in the United States; the United Kingdom and Canada each accounted for 4%.

The construction industry experienced 131 ransomware victims in Q1 2026, a 44% year-over-year increase.