CyberSecStats #32 - Recovery costs, API security and AI disclosures

Hello

Laura from CybersecStats here.

This week, 20 newly published reports hit our database, covering everything from the latest ransomware threat landscape trends to healthcare cybersecurity.

As always, thank you for subscribing.

This Month's Cybersecurity Eye-Openers

But before we get into the full breakdown, I want to spotlight three stats this week that jumped out at me:

1. Overconfidence is everywhere: Over 80% of organizations believe they're overly confident in their ability to recover from cyber incidents. Self-awareness is the first step, I suppose.
2. Manufacturing is the top ransomware target: Manufacturing has been ransomware's #1 target for four consecutive years, with a 9% increase in attacks this year alone.
3. Deepfake attacks have gone mainstream: 85% of organizations faced deepfake-related incidents in the past year, with average losses exceeding $280,000 per incident.

Big Picture Reports

11:11 Cyber Trends Report – 2025 (11:11 Systems)

Survey of over 800 senior IT professionals on the mounting complexity of cyber recovery planning.

Downtime is getting more expensive:

• 82% experienced a significant cyberattack in the past year.
• 48% report $100K-$250K losses per hour of downtime.
• Over 80% believe they're overconfident in their recovery capabilities.

Read the full report here.

The State of Observability Report 2025 (Dynatrace)

A survey of 842 CIOs, CTOs, and senior tech leaders on IT operations and DevOps management.

Investment is going into observability:

• 70% expect observability budgets to increase next year.
• 57% now use observability for security incident response.
• Only 32% currently use AI for observability.

Read the full report here.

Ransomware

GRIT Q3 2025 Ransomware & Cyber Threat Report (GuidePoint Security)

Quarterly analysis from the GuidePoint Research and Intelligence Team tracking the RaaS ecosystem and emerging cybercrime trends.

RaaS is still a dominant ransomware trend:

• 1,576 total public ransomware victim posts in Q3 2025.
• 77 active ransomware groups operating in Q3.
• 56% of global victims are U.S.-based organizations.

Read the full report here.

Fraud and Scams

Digital Guardians: The CSP Advantage in Delivering Consumer Cybersecurity (F-Secure & India)

Why communication service providers should be offering cybersecurity services to their customers.

Cybersecurity is becoming a consumer wishlist item:

• SMS scams jumped 70.3% from 2024 to 2025.
• Email scams increased 44.2% year-over-year.
• 61% of consumers would buy security services from their ISP.

Read the full report here.

The New Reality of Deepfake Attacks (IRONSCALES)

Survey of 500 IT professionals in mid-to-large organizations on deepfake attack prevalence.

The deepfake problem is getting very real:

• 85% of organizations were hit by deepfake incidents in the past year.
• 10% year-over-year increase in deepfake-related incidents.

• Average financial losses exceed $280,000 per incident.

Read the full report here.

Digital Identity Risk Accelerates Fraud Losses (TransUnion)

Global insights into the fraud landscape across industries and geographies.

The growing cost of fraud:

• Business leaders lost 7.7% of annual revenue to fraud (up from 6.5% in 2024).
• 18% increase in fraud losses year-over-year.
• 24% cite scam/authorized fraud as their greatest loss source.

Read the full report here.

API Security

State of API Security Report (Salt Security)

Semi-annual analysis of API security risks and challenges in the AI-driven transformation era.

APIs are under attack:

• 33% of security leaders suffered API incidents in the past year.
• 96% of attack attempts come from authenticated entities.
• 98% of attacks target external-facing APIs.

Read the full report here.

7th Annual State of the API Report (Postman)

Survey of over 5,700 developers and API professionals on the state of APIs.

Most companies are worried about agents + APIs:

• 82% have adopted some level of API-first approach.
• 51% worry about unauthorized API calls from AI agents (their #1 concern).
• 49% fear AI systems accessing sensitive data inappropriately.

Read the full report here.

AI

New Study: 7 in 10 Big US Companies Report AI Risks in Public Disclosures (The Conference Board)

S&P 500 companies flagging AI as a material risk amid growing reputational, cybersecurity, and regulatory concerns.

The AI cyber incident disclosure spike:

• 72% of S&P 500 companies now flag AI as a material risk (vs 12% in 2023).
• 20% disclosed AI-related cybersecurity risks specifically.
• Financial S&P 500 companies disclosing AI-related risks jumped from 14 in 2023 to 63 in 2025.

Read the full report here.

2025 State of AI Security (Acuvity AI)

How enterprises are struggling with AI security risks, weak governance, and unclear ownership.

The AI governance gap grows:

• 50% say AI tools will cause the next data breach.
• 70% lack optimized AI governance.
• 49% anticipate Shadow AI incidents.

Read the full report here.

AI at Work: Ground Truth for the Global Workforce (SnapLogic)

AI adoption in the workplace, including training gaps across industries and roles.

Actionable AI training is rare:

• 78% of employees already use AI in their roles.
• 45% report a disconnect between leadership enthusiasm and actual AI training.
• 44% of non-managers received zero training on AI safety and data security.

Read the full report here.

SMBs

SMBs Turn to AI PCs as Windows 10 End of Support Approaches (ASUS)

Survey of SMB owners on device management and update practices.

SMB owners care about IT, but most don’t get ahead of updates:

• 90% agree IT is more important today than a decade ago.
• 35% cite system updates and maintenance as top IT challenges.
• 61% admit they're not proactive about system updates.

Read the full report here.

Cybersecurity Industry

Cyber Security Vendor Funding Report – Q3, 2025 (Pinpoint Search Group)

Summary of global cybersecurity investment activity in the third quarter.

Vendor funding is still rising:

• 121 total transactions (funding, M&A, IPO) in Q3 2025.
• Year-to-date funding up 20% versus 2024.
• 20 security vendor acquisitions completed in Q3.

Read the full report here.

Other

The SSL Landscape (CSC)

How fragmented SSL management and a lack of certificate lifecycle preparation are creating new security risks.

SSL risks are real:

• Two-thirds of Global 2000 companies have under 50% of recommended domain security measures implemented.
• 60% use three or more certificate providers.
• Three providers supply 89% of DV certificates in use.

Read the full report here.

Industry Deep Dives

2025 Manufacturing Report: Why Your Supply Chain is Your Biggest Cyber Risk (Black Kite)

How rapid digital transformation has exposed the manufacturing sector to third-party cyber risks.

Manufacturing risk:

• Manufacturing remains ransomware's #1 target for the fourth consecutive year.
• 9% increase in ransomware attacks versus last year.
• 75% have critical vulnerabilities with CVSS scores of 8+.

Read the full report here.

The State of Fraud in the Gig Economy (Incognia)

How food delivery and ride-sharing companies are adapting to fraud and misuse challenges.

Fraud is an unwelcome gig economy side hustle:

• 51% increased fraud tool spending in 2025.
• 83% expect fraud spending to increase or hold steady in 2026.
• Chargebacks and payment fraud account for 24% of concerns.

Read the full report here.

2025 Ponemon Healthcare Cybersecurity Report (Proofpoint)

Fourth annual survey on cybersecurity effects in healthcare, including the devastating consequences of various attack types.

Healthcare is under attack, but ransomware payments are declining:

• 93% experienced at least one cyberattack in the past year.
• Ransom payments declined slightly (36% to 33%).
• 67% say ransomware attacks negatively impacted patient care.

Read the full report here.

Regional Spotlight

Cybersecurity Tops CFO's Risk Agenda With 99% Reporting Incidents and 94% Planning to Increase Spend (Corpay)

How UK CFOs are tackling cyber threats and payments-related security incidents.

• 99% experienced payments-related cyber incidents in the past two years.
• 42% identified cybersecurity as their top operational risk concern.
• 94% plan to increase cyber investment next year.

Read the full report here.