81% of small businesses reported suffering a security breach, a data breach, or both in the past year.

Identity-related breaches impacted 69% of global organizations in 2025, up from 42% the previous year.

Around eight in ten organizations report at least one data breach in the past year, both in on-premises infrastructure (78%) or in the public cloud (79%).

Identity-related breaches impacted 69% of global organizations in 2026, up from 42% the previous year.

The percentage of U.S. Chief Information Security Officers (CISOs) who are very or extremely concerned about losing their job after a major breach decreased from 77% in 2024 to 55% in 2025.

24% of global organizations indicated that costs from identity-related breaches exceeded $10 million, a three-percentage-point increase from the previous year.

Only 56% of Japanese respondents reported experiencing an identity-related breach in the past three years.

Data breaches accounted for 17.4% of cyber incidents affecting public administration in the EU in 2024.

69% of global organizations experienced an identity-related breach in the last three years, marking a 27-percentage-point increase from the previous year.

Overall concern among U.S. CISOs about a breach fell from 86% in 2024 to 62% in 2025.

67% of family offices demonstrated the highest level of concern about outdated infrastructure and their ability to recover from a data breach (compared to 50% average).

Full Social Security numbers were exposed in 77% of US data breaches in H1 2025, marking an 8% increase over H1 2024 and an all-time high.

50% of enterprise security and business leaders say AI tools will cause the next data breach.

17 S&P 500 companies cited data breaches and unauthorized access as a cybersecurity risk tied to AI.

For companies with $5 billion or more in revenue, 41% reported a breach costing $1 million or more.

More than a quarter of executives reported that their most damaging data breach in the past three years cost their organisation at least $1 million.

60% of organizations have experienced data breaches or theft in software development, AI, and analytics environments, an 11% increase from the previous year.

In 17.0% of cases since 2019, breaches were first reported by external parties.

Between 2019 and 2023, other sectors experienced large losses primarily from ransomware (53.1%), followed by data breaches (25.0%) and other causes (21.9%).

Between 2019 and 2023, healthcare experienced large losses primarily from ransomware (57.1%), followed by data breaches (28.6%) and other causes (14.3%).