EMEA accounted for 57% of all Web DDoS attacks globally.

North America accounted for 40.7% of malicious bot transactions, followed by APAC (25%), EMEA (19.1%) and Central and Latin America (15.2%).

More than 3.2 million DDoS attacks in the first half of 2025 occurred in EMEA.

23% of financial services organizations have not conducted digital operational resilience testing (a DORA requirement).

20% of financial services organizations have yet to secure the necessary budget to meet DORA requirements.

40% of organizations call DORA a current "top digital resilience priority".

24% of financial services organizations have not established recovery and continuity testing (a DORA requirement).

24% of financial services organizations have not identified a DORA implementation lead (a DORA requirement).

41% of senior IT decision makers at financial services report increased stress and pressure on IT and security teams due to DORA.

94% of organizations surveyed now rank DORA higher in their organizational priorities than they did in the month before the deadline.

34% of financial services organizations cite third-party risk oversight as the most challenging DORA requirement to implement.

22% of financial services organizations believe the volume of digital regulation is becoming a barrier to innovation or competition.

94% of organizations are clear on the steps they need to take for DORA compliance.

39% of senior IT decision makers at financial services reported DORA remains a central focus.

Only 20% of financial services organizations have yet to implement third-party risk oversight (a DORA requirement).

Half (50%) of the respondents said DORA requirements have been integrated into their broader resilience programs.

Over a third (more than 33.3%) of financial services organizations named third-party oversight the most challenging DORA requirement to implement.

21% of financial services organizations have not ensured backup integrity and secure data recovery (a DORA requirement).

22% of financial services organizations felt that DORA’s design could have been improved to aid compliance

24% of financial services organizations have not implemented incident reporting (a DORA requirement).