45% of organizations reported that their cyber insurance policy could be voided if required security controls were not in place.

54% of firms in the financial services industry still rely on spreadsheets or in-house systems to track security controls.

84% of CISOs expressed concern over whether their cyber defenses could withstand an attack from a sophisticated threat actor

One in five attacks in 2024 displayed some form of evasive technique designed to evade traditional network and endpoint-based security controls

None of the nearly 93,000 threats analysed in Red Canary's 2025 Threat Detection Report were prevented by customers' expansive security controls.

Critical security controls were found to be either non-compliant with internal security and risk policies or missing from devices 15 percent of the time in the analysed healthcare PCs.

48% of enterprises report implementing specific security controls for AI deployments.

12% of enterprises are waiting for security controls to be ready before deploying AI.