26.83% of sensitive data input into GenAI tools was employee data, including payroll data, PII, and employment records.

14.88% of sensitive data input into GenAI tools was legal and finance data, such as information on Sales Pipeline Data, Investment Portfolio Data, and Mergers and Acquisitions.

6.88% of sensitive data input into GenAI tools was security policies and reports.

More board members than CISOs want CISOs to develop certain skills: Business acumen: 55% of board members vs 40% of CISOs, emotional intelligence: 45% of board members vs 35% of CISOs, Communication: 52% of board members vs 47% of CISOs.

49% of employees in Germany say they frequently use IT policy workarounds to “get the job done” and save time or effort.

The CISA Known Exploited Vulnerabilities (KEV) Catalog recorded 1,199 KEVs as of August 31, 2024.

Outdated SSL and TLS encryption misconfigurations declined, with the average misconfiguration ratio per enrollee dropping from 3.8 to 2.5.

54% of employees in Belgium say they frequently use IT policy workarounds to “get the job done” and save time or effort.

53% of employees in legal services say they frequently use IT policy workarounds to “get the job done” and save time or effort.

60% of employees in financial services say they frequently use IT policy workarounds to “get the job done” and save time or effort.

59% of employees in healthcare say they frequently use IT policy workarounds to “get the job done” and save time or effort.

Email security adoption showed strong progress, with 89% of organizations implementing DMARC (Domain-based Message Authentication, Reporting & Conformance).

Email security adoption showed strong progress, with 7% of organizations implementing both DMARC and SPF (Sender Policy Framework).

33% of employees say online training that uses real-life scenarios, prompts and notifications at the relevant time is the most engaging/effective email security training format

Federal organizations saw a 60% decline in exploitable service instances.

Web browser downloads were the second most common malware delivery method to endpoints, responsible for 28% of threats in Q3 2024. This is a 10% increase compared to Q2 2024.

Threats delivered by other vectors (such as removable media) to endpoints accounted for 20% of threats in Q3 2024, a 1% decrease compared to the previous quarter.

23% of employees say classroom training is the most engaging/effective email security training format

16% of employees say group training sessions over Zoom/Teams is the most engaging/effective email security training format

28% of financial and banking organisations in the UK have reportedly spent between €501,000-€1,000,000 on implementing regulations such as DORA and PRA.