70% of manufacturing organizations place remote engineers at the top of the segmentation priority list.

No organizations reported experiencing zero material business impact from AI agent-related incidents.

40% of unknown AI agents emerge in SaaS tools with built-in automation.

13% of enterprises report fully autonomous AI agent models.

38% of enterprises require human approval when AI agents exceed their scope.

24% of enterprises require actions that exceed an agent's scope to be logged.

53% of enterprises use human authorization as a primary signal for governing AI agent behavior.

79% of enterprises say context-aware controls will be important or very important in the next two years.

43% of employees are worried about AI-driven data exposure or attacks.

Only 41% of IT decision-makers have significantly changed their approach to disaster recovery planning due to accelerated AI adoption.

32% of IT decision-makers conduct monthly testing of disaster recovery plans.

Time-to-exploit (TTE) is 24–48 hours for critical outbreaks, compared to 4.76 days previously.

LLMs have the lowest resolution rate of all application types, with just 38% of high-risk issues being fixed.

One in five organizations experienced an LLM security incident in the last year, while a further 18% are unsure and 19% preferred not to answer.

Security teams' confidence in their ability to keep up with the security implications of AI adoption declined from 64% to 51%.

57% of C-suite executives believe their organization consistently meets remediation SLAs, yet only 15% of security practitioners agree.

33% of organizations reported significant security budget growth in the past year, while 50% saw incremental increases.

In 2025, AI enabled attackers to automate up to 80–90% of a specific nation-state espionage campaign.

46% of security decision makers identify ransomware attacks as a leading concern, 44% identify cloud environment breaches, 37% identify email compromise, 37% identify data theft, and 35% identify supply chain compromise.

In January 2026, bots accounted for 49% of all requests, nearly matching human traffic at 51%.