CyberSecStats #18 - Monthly statistics round-up May/June 2025
Hello! Laura from CyberSecStats here with a monthly email of 100+ cybersecurity statistics pulled from vendor reports and research papers.
All of the statistics and data points below were published by cybersecurity vendors in the past month (May/June 2025) and include direct links back to their publisher/source.
Cybersecurity incident experiences
- 88% of CIOs faced cybersecurity incidents in the last 12 months. (Logicalis)
- 43% of CIOs suffered multiple breaches. (Logicalis)
- 78% of CIOs say breach frequency is steady or rising. (Logicalis)
- 76% of CISOs reported major impacts from breaches. 36% faced downtime, 30% had data exposed, and 28% incurred financial loss. (Pentera)
- 75% of incidents involve unmanaged assets. (Trend Micro)
Ransomware trend data
- The number of unique ransomware groups that reported a victim has risen from 41 in 2023 to 77 in 2024, an increase of nearly 88%.
- Ransomware attacks rose 25% in 2024. (Bitsight)
- The number of ransomware leak sites increased by 53%. (Bitsight)
- Ransomware cyber insurance claims frequency dropped 3%. (Coalition)
- The number of publicly disclosed victims rose 25% (Apr 2024–Mar 2025), after an 81% surge prior. (Black Kite)
- 96 ransomware groups are now active. (Black Kite)
- SMBs in the $4M–$8M range were hit most often. (Black Kite)
- Ransomware caused 67% of known third-party breaches. (Black Kite)
- Ransom payment values declined by 35%. (Black Kite)
Cybersecurity concerns
- Only 58% of CIOs are confident in their ability to identify potential security gaps. (Logicalis)
- Top concerns for CIOs regarding cybersecurity risk include: malware and ransomware (42%), data breaches (37%), AI-driven attacks (34%), and phishing (33%). (Logicalis)
- 68% say media reports of high-profile breaches have elevated cybersecurity on the C-suite agenda. (LevelBlue)
- 58% view external threats (like malicious actors and state-affiliated groups) as more significant than internal threats (42%). (Cisco)
DDoS attacks
- 50%+ of teams struggle to coordinate teams during DDoS attacks. (Corero)
- 68% report challenges showing the ROI of DDoS protection to leadership. (Corero)
Cloud incidents and security trends
- On average, organizations detect 17 cloud vulnerabilities weekly. (Prowler)
- Teams sift through ~7,000 alerts to find one real cloud threat. (ARMO)
- 45% report frequent false positives from cloud tools. (ARMO)
- 63% use over five runtime cloud security tools. (ARMO)
- ~1/3 of cloud assets are neglected, each with ~115 vulnerabilities. (Orca Security)
- 36% of organizations have at least one cloud asset with 100+ attack paths. (Orca Security)
- Top tech expected to impact cloud security in the next three years: AI/ML analytics (27%), open-source tools (17%), and automated threat response (16%). (Prowler)
- Expected gaps (in the next 12 months): budget (45%), talent (42%), and automation (34%). (Prowler)
- 37% failed audits due to cloud security issues in the past year. (Prowler)
AI-driven attack data
- AI-driven attacks now occur as frequently as phishing, placing AI firmly among the top three cybersecurity threats. (Logicalis)
- 42% of executives believe AI-powered threats will happen. (LevelBlue)
- 59% say AI is making threats harder for employees to spot. (LevelBlue)
- Only 49% believe staff fully understand AI-related risks. (Cisco)
Vulnerabilities and vulnerability management
- 57% say automation speeds up vulnerability response. (Optiv)
- 74% identify a lack of understanding of every potential source of vulnerability as their biggest challenge to effective vulnerability management. (Optiv)
- 91% face delays in remediation. (Seemplicity)
- 61% measure vulnerability remediation success by number of fixes; 54% by fewer breaches. (Seemplicity)
- 1 in 5 organizations take 4 or more days to fix critical vulnerabilities. (Seemplicity)
- Nearly 40% still rely on manual workflows for most of their vulnerability remediation processes. (Seemplicity)
- Total number of software vulnerabilities rose 61% YoY in 2024. (Action1)
- Critical vulnerabilities rose by 37.1% in 2024. (Action1)
- Known exploited vulnerabilities surged 96%. (Action1)
Cybersecurity budget and spending trends
- 79% of companies are adjusting their cybersecurity budgets; 71% report increases. (Optiv)
- Average enterprise security budget: $24M. (Optiv)
- 67% of companies now use risk/threat assessments to guide budgets, up from 53% in 2024. (Optiv)
- 30% say limited budget blocks adoption of new solutions. (Seemplicity)
- U.S. enterprises spend ~$187K yearly on pentesting - 11% of a $1.77M average security budget. (Pentera)
- 85% of CISOs say the volume of nation-state threats influences their budget. (Trellix)
- Among SMBs with fewer than 50 employees, more than half allocate less than 1% of their annual budget to cybersecurity. (CrowdStrike)
Security tool opinions from CIOs
- 50% of CIOs say they've overinvested in unnecessary tools. (Logicalis)
- 50% admit they're not using all features of their security tools. (Logicalis)
- 50% of tech leaders lack tools that fit their business needs. (Logicalis)
- 41% of CIOs don't believe their current security investments fully meet their organization's needs. (Logicalis)
AI cybersecurity tool adoption and benefits
- Only 29% of executives hesitate to adopt AI due to cybersecurity ramifications. (LevelBlue)
- 43% of organizations use AI to anticipate and prevent attacks. (MixMode)
- Among organizations using AI in the SOC, 57% report faster alert resolution, 55% say it frees up analyst bandwidth, and 50% cite better real-time threat detection. (MixMode)
- AI improved prioritisation of threats (56%), SOC team efficiency (51%), threat analysis speed (43%), job satisfaction (70%). (MixMode)
- Only 11% of organizations fully trust AI for mission-critical tasks. (Splunk)
- 46% of respondents say their organizations use AI/ML to prevent cyberattacks. (Optiv)
- 70% of organizations say integrating AI tools with legacy systems is difficult. (MixMode)
- 59% cite a lack of internal expertise to validate AI vendor claims. (MixMode)
- Barriers to AI adoption: high implementation and maintenance costs (73%), lack of in-house expertise (64%), difficulty integrating the technology with existing systems (58%). (FIS and Oxford Economics)
- 73% of respondents report investing in AI-specific security tools, using either new budgets or reallocating existing resources. (Thales)
- Among those focused on AI security, most buy from cloud providers; nearly half turn to startups. (Thales)
- Key drivers for AI/ML adoption: efficiency (41%) and competitive edge (40%). (Optiv)
AI application usage risks and fears
- 68% of organizations have data leakage incidents due to employees sharing sensitive data with AI tools. (Metomic)
- Only 23% of organizations have implemented comprehensive AI security policies. (Metomic)
- Less than 10% of enterprises have implemented data protection policies and controls for AI applications. (Skyhigh Security)
- 11% of files uploaded to AI applications include sensitive corporate content. (Skyhigh Security)
Credential security
- Stolen credentials are the second highest initial infection vector, making up 16% of investigations. (Mandiant)
- 35%+ had an account compromised due to weak passwords last year. (FIDO Alliance)
- 1.7 billion stolen credential records were shared in underground forums. (Fortinet)
- Among the roles most vulnerable to credential theft, 28% were in Project Management, followed by Consulting (12%) and Software Development (10.7%). (KELA)
- Ransomware followed stolen credentials within 2.5 weeks on average. (KELA)
- Password cracking is 20% faster than in 2024 using consumer GPUs. (Hive Systems)
- Valid credentials were used in 48.6% of initial access cases. (eSentire)
- 76% of CIOs see credential leaks as a growing threat. (Logicalis)
Infostealer use
- Infostealer cases rose 31% YoY. (eSentire)
- 35 unique infostealers detected in 2024, up from 26 in 2023. (eSentire)
- Infostealer activity has surged 266% in recent years. (KELA)
Social engineering trends and types
- Callback phishing made up 16% of phishing attempts in Q1 2025. (VIPRE Security Group)
- Vishing (voice-call phishing) tactics grew by 28%. (Zimperium)
- Smishing attacks grew by 22%. (Zimperium)
- Over 60% of top-clicked phishing emails were related to HR and IT. (KnowBe4)
- 60.7% of phishing clicks mentioned an internal team. (KnowBe4)
BEC (and VEC) compromise
- BEC/user account compromises rose 70% in 2024. (eSentire)
- 60% of cyber insurance claims stemmed from BEC and funds transfer fraud. (Coalition)
- 29% of BEC cases led to funds transfer fraud. (Coalition)
- BEC claim severity jumped 23%. (Coalition)
- Email-based BEC attacks surged 70% YoY. (Cofense)
- 72% of large enterprise employees acted on malicious vendor emails. (Abnormal AI)
Post-quantum cryptography
- A cryptanalytically relevant quantum computer capable of breaking common public key schemes is expected by 2030. (Utimaco)
- PQC migration status: 20% started, 34% plan to in 1–3 years, 21% in 3–5 years, 25% have no plans. (Utimaco)
- 63% prefer a hybrid approach (classical + PQC); 26% favor larger symmetric keys. (Utimaco)
- 95% lack a quantum computing roadmap. (ISACA)
- Only 5% have a defined strategy. (ISACA)
- 62% worry quantum will break current encryption; just 5% consider it a near-term priority. (ISACA)
- Only 5% have implemented quantum-safe encryption. (DigiCert)
- 46.4% say much of their encrypted data could be at risk. (DigiCert)
- 63% cite future encryption compromise as the top quantum threat. (Thales)