Over half (58%) ranked cyber-related breaches as their top risk, with three-quarters doubting their ability to manage them. Their concern is grounded in experience and 20% said they had suffered a breach over the past two years.

The telecommunications sector experienced a four-fold increase in ransomware attacks over the past 4 years. This sector is a critical component of national infrastructure, making it a prime target for both ransomware groups and nation-state actors.

The number of cyberattacks on Taiwan's energy sector increased by 1,000% in 2025 compared to 2024, making it the most targeted sector among nine critical infrastructure categories.

A significant surge in cyberattacks targeting Android and Internet of Things (IoT) devices has been observed across critical infrastructure sectors between June 2024 and May 2025.

A comprehensive analysis of 10 million devices across 700+ organizations revealed that nearly two-thirds of connected assets were non-traditional IT devices. These included network infrastructure (routers, firewalls) and xIoT devices such as OT.

A review of data leak sites over the period September 2024-August 2025 revealed a double-digit annual increase in European victims, to 1380. After the UK, Germany, Italy, France and Spain were the most targeted nations.

Overall, workers are broadly encouraged by their company to use AI as part of their workloads and the 1Password report found that of 5000 workers surveyed 73% said their company is in favor of such experimentation.

The public sector faces a surge in sophisticated cyber threats, including ransomware, phishing, and exploitation of 0-day vulnerabilities. They target sensitive data, disrupt essential services, and exploit trust in government institutions.

A surge in cyber-attacks is targeting PHP servers, IoT devices, and cloud gateways. These attacks are primarily driven by botnets such as Mirai, Gafgyt, and Mozi, which exploit known vulnerabilities and misconfigurations to expand their reach.

A recent report based on the inaugural meeting of the Cyber Sanctions Taskforce—comprising officials from the UK, US, and EU—highlights the evolving role of sanctions in cyber deterrence strategies.