Cyber Incident
We've curated 52 cybersecurity statistics about cyber incidents to help you understand how breaches, attacks, and vulnerabilities are impacting organizations and shaping security practices in 2025.
Showing 1-20 of 52 results
71% say AI has made security incidents harder to detect, investigate, or fix
Downtime per incident averaged almost 30 hours.
61% of healthcare practices expect a fatal cyberattack within five years.
1 in 5 suffered a serious incident linked to AI code
85% of security and IT leaders identify security incidents, data exposures, or near misses where the root cause is an AI system.
42% of organizations that experienced a cyber incident report customer or constituent disruption.
41% of organizations that experienced a cyber incident report financial loss or revenue impact.
38% of organizations that experienced a cyber incident report extended downtime of critical systems.
In 2025, not a single Chief Information Security Officer (CISO) reported being able to recover from a cyber incident within a day.
In 2025, 57% of CISOs reported that their organizations took more than 4.5 days on average for full remediation and recovery after a cyber incident.
In 2025, 19% of CISOs indicated that recovery efforts from cyber incidents extended as long as two weeks.
72% of CISOs agreed that their role has evolved to include leading their organization’s ability to recover continuity following a cyberattack or security incident.
89% of schools experienced at least one cyber incident in the past year, primarily phishing, unauthorized access, and malware.
Cyberespionage campaigns constituted 2.5% of all reported cyber incidents in the EU in 2024.
Cybercrime operators accounted for approximately 16% of cyber incidents in the EU in 2024.
44% of CISOs rank board or executive expectations as their number-one stressor.
17% of CISOs say they always feel personally blamed for security incidents, regardless of the root cause.
Nearly 20% of recent incidents reported by CISOs were already AI-related.
60% of healthcare organizations reported operational disruptions due to cyber incidents.
Boards most often ask CISOs for the following metrics: risk-reduction trendlines (51%), quantified business impact (47%), and incident-response performance metrics (40%).