CYBERSTATS

Security Intelligence

Sophos

Cybersecurity reports and statistics published by Sophos

8 categories5 reports

Research Reports

Reports and publications from Sophos

The State of Identity Security 2026

State of Ransomware in Retail

The State of Ransomware 2025

The Sophos Annual Threat Report: Cybercrime on Main Street 2025

Annual Threat Report: Cybercrime on Main Street 2025

Recent Statistics & Reports

67% of ransomware victims confirmed their ransomware incident stemmed from an identity attack.

RansomwareIdentity Compromise

Mean recovery cost for identity-related incidents reached $1.64 million, with a median of $750,000, and 73% of affected organizations facing costs of $250,000 or more.

Cost of BreachFinancial ImpactIdentity-Related Breach

One-third of organizations regularly rotate or audit service accounts and non-human identities, while just 11% do so continuously.

Non-Human IdentitiesAccess ManagementIdentity Attack

Weak non-human identity (NHI) management was cited in 41% of identity incidents.

Non-Human IdentitiesCredentials ManagementIdentity Attack

Organizations with weak NHI management pay approximately $150,000 more to recover from incidents than average.

Cost of BreachNon-Human Identities

Human error (employees tricked into providing credentials) was cited in nearly 43% of identity incidents.

Human ErrorSocial EngineeringIdentity Attack

71% of organizations suffered at least one identity-related breach in the past year.

Identity SecurityData BreachIdentity-Related Breach

Organizations that find compliance requirements very challenging have a breach rate of 82.4%, which is 14 percentage points higher than organizations with lower compliance difficulty (68.3%).

ComplianceBreach RiskIdentity Attack

Energy, oil/gas, and utilities reported an 80% breach rate and federal/central government report a 78% breach rate, the highest across industries surveyed.

Critical InfrastructureGovernmentIdentity Attack

14% of breached organizations cannot detect and stop their most significant identity attack before damage is done.

DetectionIncident ResponseIdentity Attack

Only 24% of organizations continually monitor for unusual login attempts.

Access MonitoringSecurity Visibility

When identity breaches impact business, the primary consequences are data theft (49%), ransomware (48%), and financial theft (47%).

Data TheftRansomwareFinancial Theft

10% of organizations reported an identity breach that impacted their business in the last year.

Identity BreachBusiness Impact

More than 50% of organizations check for unusual login attempts every three months or less.

Access MonitoringSecurity Visibility

Organizations with weak NHI management are 22% more likely to experience financial theft.

Financial TheftNon-Human Identities

5% of organizations reported six or more identity-related breaches.

Repeat VictimizationIdentity SecurityIdentity-Related Breach

Organizations reported an average of three separate identity-related incidents.

Identity SecurityIncident FrequencyIdentity-Related Breach

62% of retailers who experienced attacks restored their data using backups in 2025, the lowest rate in four years

RansomwareEncrypted dataBackup

47% of retail IT/cybersecurity teams reported increased pressure after experiencing data encryption in 2025

RansomwareData encryptionRetail

The average cost of recovering from a ransomware attack in retail, excluding any ransom payment, dropped by 40% to $1.65 million in 2025, the lowest point in three years

RansomwareRansom Retail

Showing 1-20 of 60 results

Top Categories

8

Identity Attack

6

Identity-Related Breach

4

Non-Human Identities

4

Vulnerabilities

4

Identity Security

Related Vendors