Email was the preferred entry vector for cybercriminals, driving 43% of claims.

In the past 12 months, 87% of Canadian organisations have reported experiencing a security incident.

There has been a 10% year-over-year increase in the length of downtime per security incident on Canadian organizations.

61% of Canadian organisations report that their public cloud environments have been the most impacted by cyberattacks.

Canadian organisations experience an average downtime of 14 days due to increasingly effective cyberattacks.

Nearly three-quarters (73%) of IT decision-makers globally express concern about nation-state actors using AI to develop more sophisticated and targeted cyberattacks.

49% of financial institutions experienced a vendor-related cyber incident in the past year.

6% of UK SMEs were targeted up to 10 times in a year.

28% of UK SMEs say that a single attack could put them out of business .

Of the financial institutions who experienced a vendor-related cyber incident, 66% had recovery times under 60 days .

More than a third (35%) of UK SMEs experienced a cyber incident in 2024 alone.

More than a quarter (28%) of UK SMEs suffered between one and five attempted attacks.

The average cost of a cyber-attack for UK businesses with 50 or more employees was £5,0011.

Of the financial institutions who experienced a vendor-related cyber incident, 8% had recovery times more than 90 days .

The average cost of a cyber-attack for a small UK business was £3,3981.

62% of utility operators were targeted by cyberattacks in the past year.

38% of utility operators believed they had not been targeted by cyberattacks.

54% of utility operators who were targeted by cyberattacks suffered permanent corruption or destruction of data and systems.

Nearly 60% of attacks against utility operators were carried out by nation-state groups

Of those utility operators targeted by cyberattacks in the past year, 80% were attacked multiple times.