CyberSecStats #33 - Insider risk, AI fraud, and cyber resilience gaps
Hello!
Laura from CybersecStats here.
Fresh vendor research this week spans resilience, ransomware, insider risk, AI security, consumer scams, and more.
As always, these are all fresh reports published between October 13th–19th, 2025.
Thanks for subscribing.
This Month's Stand-Out Trends:
Before we get into the full breakdown, here are three standout insights from this week's data:
- Cyber resilience gaps grow. 55% of organizations still don't fully understand cyber resiliency and 83% admit they don't have a tested recovery plan in place.
- AI fraud is a six-figure problem. With 41% of attacks now AI-driven and average losses topping $414K per organization, AI-enabled fraud has become a mainstream business risk.
- Insider-driven breaches are mostly accidents. 77% of organizations experienced insider-driven data loss in the past 18 months, and nearly two-thirds of those incidents were unintentional.
Big Picture Reports
Cyber Resilience: By the Numbers (Index Engines)
A report on the gap between cyber resilience awareness and actual preparedness to respond to and recover from cyberattacks.
Preparedness is still lacking:
- 55% of organizations still do not have a good understanding of cyber resiliency.
- 75% think cyber resiliency is the new disaster recovery.
- 83% of organizations do not have a tested, defined recovery plan.
Read the full report here.
State of Cybersecurity 2025 (CompTIA)
A broad report into the current cybersecurity landscape, including AI adoption, cybersecurity staffing and skills, and OT security challenges.
Most orgs are at the shallow end of the AI adoption curve:
- 70% of companies are in early stages of AI adoption.
- There are 514,000 U.S.-based job openings with cybersecurity-related skills.
- 34% of companies are exploring cybersecurity insurance.
Read the full report here.
Ransomware
BlackFog's 2025 Q3 Ransomware Report (BlackFog)
Findings from BlackFog's analysis of global ransomware activity from July to September 2025 across both publicly disclosed and non-disclosed attacks.
Ransomware attacks are on the up in Q3 2025:
- 270 publicly disclosed ransomware attacks were reported in Q3 2025, a 36% increase compared to the same quarter in 2024.
- The healthcare, government, and technology industries together represented 53% of all publicly disclosed ransomware activity during Q3 2025.
- 96% of all disclosed ransomware cases involved data exfiltration in Q3 2025.
Read the full report here.
Insider Risk
2025 Insider Risk Report (Fortinet)
Insights into insider threats.
Most insider incidents aren't malicious, but some are:
- 77% of organizations experienced insider-driven data loss in the past 18 months.
- Most insider incidents are unintentional: 62% were caused by negligent or compromised users.
- Only 16% of insider incidents involved confirmed malicious intent.
Read the full report here.
AI
Realizing the Value of AI: Cisco AI Readiness Index 2025 (Cisco)
How well organizations are prepared to scale artificial intelligence from experimentation to measurable business value. The report identifies a small elite group, the "Pacesetters" (13% of organizations), who are outperforming peers by building the right infrastructure, governance, and culture to capture AI's full potential.
Most organizations aren't ready for agentic AI:
- Less than a third (31%) of organizations surveyed report that they are fully equipped to control and secure agentic AI systems.
- 84% of Pacesetters (the most AI-ready group) control agent actions with guardrails and live monitoring, vs 24% of all companies.
- Talent gaps are most acute in the area of cybersecurity for AI, affecting 60% of all companies surveyed.
Read the full report here.
State of AI Fraud and Privacy Report (Fingerprint)
A report revealing how AI-driven fraud and tightening privacy regulations are creating a dual crisis for organizations.
AI-driven fraud is costing organizations big:
- 41% of fraud attacks targeting surveyed organizations are now AI-driven.
- The average loss due to AI-driven fraud is $414,000 per organization.
- 93% of fraud teams report noticeable operational impacts from AI-driven threats.
Read the full report here.
MCP Server Security
State of MCP Server Security 2025: 5,200 Servers, Credential Risks, and an Open-Source Fix (Astrix Security)
Research highlighting a foundational security flaw in the adoption of Model Context Protocol (MCP) servers, the technology that enables AI agents to access tools, data, and systems.
MCP servers have a serious credential problem:
- 88% of open-source Model Context Protocol (MCP) server implementations require credentials.
- 53% of open-source MCP server implementations rely on insecure, long-lived static secrets, such as API keys and Personal Access Tokens (PATs).
- 8.5% of open-source MCP server implementations adopt modern, secure authentication methods, such as OAuth.
Read the full report here.
Fraud and Scams (Consumer)
Cybersecurity Awareness Month 2025 Poll: It's 10 PM. Do you know what your child is doing online? (Bitwarden)
How parents approach digital safety for their children amid the growing prevalence of AI-enhanced online scams and data privacy risks.
Young children are oversharing online:
- 42% of children ages 3-5 have unintentionally shared personal data online.
- 80% of Gen Z parents fear their kids will fall victim to AI-enhanced online threats.
- 44% of Gen Z households reported malware infections.
Read the full report here.
Norton Cyber Safety Insights Report - Holiday (Norton)
A report on consumers' shopping habits during the holiday season and the risks they face as a result.
Holiday shopping brings risky behavior:
- 27% of people say they tend to take more risks shopping online during the holiday season than at other times of the year.
- 47% say they have shared their personal information to receive a discount.
- 19% say they'd click on a social media ad or email link claiming to have a high-demand gift in stock during the holidays.
Read the full report here.
AI-driven scams are preying on Gen Z's digital lives (Malwarebytes)
A report on extortion scams, who they target (by generation), and their impact.
Extortion scams are widespread:
- 1 in 3 mobile users has been targeted by an extortion scam.
- 1 in 6 mobile users reported they've been a target of sextortion.
- 7 in 10 extortion victims say they are confident they can spot a scam.
Read the full report here.
MSPs
2025 Industry Survey on Microsoft 365 Management (Syncro)
A report examining how managed service providers (MSPs) are handling the growing complexity of managing and securing Microsoft 365 environments.
MSPs face Microsoft 365 security challenges:
- Nearly 29% of MSPs experienced a client data loss event that could have been avoided with a dedicated backup solution.
- 46% of organizations cite enhanced security as their top reason for engaging MSPs.
- 36.5% of MSPs identified enforcing consistent security baselines across tenants as a top pain point when managing Microsoft 365.
Read the full report here.
Enterprise Risks
The Latest Security Organizational Design Trends (IANS Research & Artico Search)
A report on how Fortune 500-size enterprises structure their security organizations, allocate staffing budgets, and set compensation levels for leadership and technical roles.
Fortune 500 security teams are substantial:
- Fortune 500-size firms with revenues exceeding $7 billion generally have security teams of more than 50 professionals.
- 20% of the security staff budget for Fortune 500 organizations with 50+ security FTEs is allocated to SecOps.
- 95% of Fortune 500-size CISOs engage regularly with the full board and/or board subcommittees.
Read the full report here.
Risk trends to stay ahead in 2026 (Auditboard)
Insights into enterprise risk management.
Enterprises are ramping up for 2026:
- 40% of enterprises plan to increase cybersecurity staffing.
- Fewer than 30% of enterprises feel prepared for upcoming AI governance requirements.
- The median enterprise maps its controls to about seven frameworks.
Read the full report here.
Industry-specific
Shadow AI is outpacing healthcare email security (Paubox)
Insights into how artificial intelligence is spreading rapidly within healthcare organizations, creating serious risks to patient privacy and regulatory compliance under HIPAA.
Healthcare is racing to secure AI adoption:
- 95% of healthcare organizations report staff are already using AI tools.
- 41% of healthcare IT and compliance leaders feel confident they could detect improper AI use before a HIPAA violation occurs.
- 69% of healthcare IT leaders feel pressured to adopt AI faster than they can secure it.
Read the full report here.
2025 Financial Services Cyber Resilience Report (Omega Systems)
A report examining how cyber threats are directly impacting financial services firms' business stability and investor trust, and assessing how prepared (or unprepared) the industry is to respond to and recover from attacks.
Cyberattacks threaten financial services stability:
- 87% of executives at financial services firms say a successful cybersecurity attack would trigger withdrawals or AUM loss.
- 94% of CFOs said they would expect client departures in the wake of a major incident.
- 61% are concerned about impersonation campaigns targeting their firms.
Read the full report here.
Geography-specific
Annual Review 2025 (National Cyber Security Centre)
A review of the National Cyber Security Centre's ninth year, highlighting its key developments and achievements.
UK cyber incidents have more than doubled:
- Nationally significant incidents in the UK represented 48% (204) of all incidents between September 2024 and August 2025, a significant increase from last year (89).
- There were 62 nationally significant incidents reported between September 2022 and August 2023, 4 of which were categorised as highly significant, and 63 between September 2021 and August 2022, 1 of which was categorised as highly significant.
- Among this year's nationally significant incidents in the UK, 4% (18) were categorised as highly significant in nature.
Read the full report here.