53% of leaders at U.S. organizations cite a lack of qualified candidates as a high-impact challenge.

70% of US organizations are dedicating more than 10% of their budgets to AI-related cyber initiatives.

53% of New Yorkers try to follow best practices like using two-factor authentication when using public WiFi, while 15% report using no security measures at all.

98% of security leaders at U.S. organizations confirmed budget increases in the last 12 months.

In one-third (33%) of cases, the SMB business owner personally handles alerts and incident resolution.

64% of SMB owners reportedly recovered quickly from a cyber attack.

41% of SMBs have endpoint protection.

83% of US organizations reported a rise in cyberattacks.

49% of New Yorkers avoid accessing sensitive information like banking accounts and email when on public WiFi.

In December 2025, Japan had 18%, the UK had 16%, and the US had 12% of organizations classified as 'Exceptional' in AppSec maturity.

31% of SMB owners don't know exactly how much they spend on cybersecurity.

17% of SMBs significantly increased their cybersecurity spend.

3% of SMB owners faced severe, lasting damage following a cyber attack.

Half of SMBs reported increasing their cybersecurity budgets.

52% of SMBs employ email/spam filters.

43% of SMBs report they experienced a cyberattack in the past 5 years.

26% of SMBs do not conduct regular penetration tests or security assessments.

80% of SMBs with a formal incident response plan in place were able to avoid major damage during an attack.

Over 85% of New Yorkers indicated they would (41.8%) or might (43.7%) stop using a company if it suffered a data breach.

42% of SMBs are worried about outdated technologies, with healthcare businesses the most concerned.