CyberSecStats #10 - Verizon DBIR, monthly ransomware review, and workplace AI adoption
Hello! 👋🏼 Laura from CyberSecStats here with a weekly email of the latest cybersecurity vendor reports and research.
All the cybersecurity statistics below were published between April 21st - April 27th, 2025.
General
Mandiant M-Trends 2025 Report
16th edition of M-Trends.
Key stats:
- Exploits continue to be the most common initial infection vector (33%).
- Stolen credentials are the second highest initial infection vector, making up 16% of investigations. This rise means stolen credentials were the second most common initial infection vector for the first time in 2024.
- 55% of threat groups active in 2024 were financially motivated, showing a steady increase.
Read the full report here.
Verizon 2025 Data Breach Investigations Report
Insights into the current cybersecurity landscape.
Key stats:
- Third-party involvement in breaches doubled to 30% in this year's report.
- There was a 34% surge globally in vulnerability exploitation as an initial attack vector.
- Ransomware attacks rose by 37% since last year.
Read the full report here.
Rubrik Zero Labs The State of Data Security in 2025: A Distributed Crisis
Insights from 1,600+ IT and security leaders across 10 countries (half of whom were CIOs or CISOs) and Rubrik telemetry data, including an analysis of 5.8 billion total files across cloud and SaaS environments.
Key stats:
- Nearly one fifth of organizations globally experienced more than 25 cyberattacks in 2024 alone. This equates to an average of at least one breach every other week.
- Nearly three-quarters (74%) of respondents said threat actors were able to partially compromise backup and recovery systems.
- 40% of respondents reported increased security costs as a consequence of a cyber attack.
Read the full report here.
Netwrix 2025 Cybersecurity Trends Report
Insight into how organizations are evolving their approach to cybersecurity as AI adoption grows.