24% of devices across organizations are classified as part of the extended IoT, including IoT, OT, and IoMT.
COPY Forescout An X-ray of Modern Networks: Understanding and Mitigating IoT Security Risks · Nov 4, 2025
Device Diversity IoT OT IoMT
11% of devices across organizations are classified as network equipment.
COPY Forescout An X-ray of Modern Networks: Understanding and Mitigating IoT Security Risks · Nov 4, 2025
Device Diversity Network Equipment
There are 3,200 unique operating system versions observed across organizations, averaging 876 versions per organization.
COPY Forescout An X-ray of Modern Networks: Understanding and Mitigating IoT Security Risks · Nov 4, 2025
Operating Systems
There are 380 unique device functions observed across organizations, averaging 164 functions per organization.
COPY Forescout An X-ray of Modern Networks: Understanding and Mitigating IoT Security Risks · Nov 4, 2025
Device Diversity
Financial services organizations have 35% of their devices classified as extended IoT.
COPY Forescout An X-ray of Modern Networks: Understanding and Mitigating IoT Security Risks · Nov 4, 2025
Financial Services Device diversity IoT
65% of devices across organizations are classified as non-traditional IT.
COPY Forescout An X-ray of Modern Networks: Understanding and Mitigating IoT Security Risks · Nov 4, 2025
Device Diversity
There are over 1,400 unique vulnerabilities affecting IP cameras in the dataset.
COPY Forescout An X-ray of Modern Networks: Understanding and Mitigating IoT Security Risks · Nov 4, 2025
IP cameras Vulnerabilities
Healthcare organizations have 35% of their devices classified as extended IoT.
COPY Forescout An X-ray of Modern Networks: Understanding and Mitigating IoT Security Risks · Nov 4, 2025
Healthcare Device diversity IoT Devices
40% of IP cameras in the dataset have at least one vulnerability.
COPY Forescout An X-ray of Modern Networks: Understanding and Mitigating IoT Security Risks · Nov 4, 2025
IP cameras Vulnerabilities
Ransomware rose 36% year over year.
COPY Forescout 2025H1 Threat Review · Aug 4, 2025
Threats Ransomware
40% of threat actor updates in H1 2025 were attributed to state-sponsored groups.
COPY Forescout 2025H1 Threat Review · Aug 4, 2025
Threats Threat actors State sponsored threat actors
Ransomware attacks are averaging 20 incidents per day.
COPY Forescout 2025H1 Threat Review · Aug 4, 2025
Threats Ransomware
62% of breaches in H1 2025 involved data stored on network servers.
COPY Forescout 2025H1 Threat Review · Aug 4, 2025
Threats Breach Network servers
9% of threat actor updates in H1 2025 were attributed to hacktivists.
COPY Forescout 2025H1 Threat Review · Aug 4, 2025
Threats Threat actors Hacktivists
76% of breaches in H1 2025 stemmed from hacking or IT incidents.
COPY Forescout 2025H1 Threat Review · Aug 4, 2025
Threats Breach
There were 3,649 documented ransomware attacks in H1 2025.
COPY Forescout 2025H1 Threat Review · Aug 4, 2025
Threats Ransomware
Ransomware attacks grew in frequency to 608 per month, or roughly 20 per day.
COPY Forescout 2025H1 Threat Review · Aug 4, 2025
Threats Ransomware
Zero-day exploits increased 46% in H1 2025.
COPY Forescout 2025H1 Threat Review · Aug 4, 2025
Threats Zero-day exploits
Modbus accounted for 57% of OT protocol traffic in Forescout honeypots in H1 2025.
COPY Forescout 2025H1 Threat Review · Aug 4, 2025
Threats Modbus
The U.S. was the top ransomware target, accounting for 53% of all ransomware incidents, in H1 2025.
COPY Forescout 2025H1 Threat Review · Aug 4, 2025
Threats Ransomware US
24% of breaches IN h1 2025 were on email systems.
COPY Forescout 2025H1 Threat Review · Aug 4, 2025
Threats Breach Email
47% of newly exploited vulnerabilities were originally published before 2025.
COPY Forescout 2025H1 Threat Review · Aug 4, 2025
Threats Vulnerabilities
Zero-day exploitation increased 46% in H1 2025.
COPY Forescout 2025H1 Threat Review · Aug 4, 2025
Threats Zero-day exploits
Published vulnerabilities rose 15% in H1 2025.
COPY Forescout 2025H1 Threat Review · Aug 4, 2025
Threats Vulnerabilities
45% of published vulnerabilities in H1 2025 were rated high or critical.
COPY Forescout 2025H1 Threat Review · Aug 4, 2025
Threats Vulnerabilities
CVEs added to CISA KEV jumped 80% in H1 2025.
COPY Forescout 2025H1 Threat Review · Aug 4, 2025
Threats CVEs CISA KEV
The healthcare sector experienced an average of two healthcare breaches per day in the first half of 2025.
COPY Forescout 2025H1 Threat Review · Aug 4, 2025
Threats Healthcare Breach
51% of threat actor updates in H1 2025 were attributed to cybercriminals, such as ransomware groups.
COPY Forescout 2025H1 Threat Review · Aug 4, 2025
Threats Threat actors
Nearly 30 million individuals were affected by breaches in H1 2025.
COPY Forescout 2025H1 Threat Review · Aug 4, 2025
Threats Breach
8% of industrial organizations claim that nation-state actors are their top security concern.
COPY Forescout Global Industrial Cybersecurity Benchmark 2025 · Jun 25, 2025
Industrial OT Nation state APTs
50% of industrial organizations claim that supply chain threats and cybercriminal activity are their top security concern.
COPY Forescout Global Industrial Cybersecurity Benchmark 2025 · Jun 25, 2025
Industrial OT Supply chain
64% of industrial organizations classify their OT cybersecurity maturity as foundational.
COPY Forescout Global Industrial Cybersecurity Benchmark 2025 · Jun 25, 2025
Industrial OT Maturity
9% of industrial organizations claim that zero-day vulnerabilities are their top security concern.
COPY Forescout Global Industrial Cybersecurity Benchmark 2025 · Jun 25, 2025
Industrial OT Zero day
57% of industrial organizations deploy more than three tools to monitor IT, OT, and IoT environments.
COPY Forescout Global Industrial Cybersecurity Benchmark 2025 · Jun 25, 2025
Industrial OT Tools
Only 17% of industrial organizations report mature OT security practices.
COPY Forescout Global Industrial Cybersecurity Benchmark 2025 · Jun 25, 2025
Industrial OT Maturity
44% of industrial organizations claim to have strong real-time cyber visibility.
COPY Forescout Global Industrial Cybersecurity Benchmark 2025 · Jun 25, 2025
Industrial OT Visibility
Nearly 60% of industrial organizations have low to no confidence in their Operational Technology (OT) and Internet of Things (IoT) threat detection capabilities.
COPY Forescout Global Industrial Cybersecurity Benchmark 2025 · Jun 25, 2025
Industrial OT Threat detection
49% of industrial organizations cite vulnerability prioritization as the most laborious task.
COPY Forescout Global Industrial Cybersecurity Benchmark 2025 · Jun 25, 2025
Industrial OT Vulnerabilities
44% of industrial organizations cite risk mitigation as the most laborious task
COPY Forescout Global Industrial Cybersecurity Benchmark 2025 · Jun 25, 2025
Industrial OT Risk mitigation
Over 33% of industrial organizations take more than 90 days to remediate threats.
COPY Forescout Global Industrial Cybersecurity Benchmark 2025 · Jun 25, 2025
Industrial OT Threat remediation
63% of industrial organizations take over 30 days to remediate threats.
COPY Forescout Global Industrial Cybersecurity Benchmark 2025 · Jun 25, 2025
Industrial OT Threat remediation
19% of industrial organizations identify their cybersecurity maturity as evolving.
COPY Forescout Global Industrial Cybersecurity Benchmark 2025 · Jun 25, 2025
Industrial OT Maturity
8% of industrial organizations claim that nation-state actors are their top security concern.
COPY Forescout Global Industrial Cybersecurity Benchmark 2025 · Jun 25, 2025
Industrial OT Nation state APTs
9% of industrial organizations claim that zero-day vulnerabilities are their top security concern.
COPY Forescout Global Industrial Cybersecurity Benchmark 2025 · Jun 25, 2025
Industrial OT Zero day
Less than 1% of hacktivist attacks impacted organizations in the Americas.
COPY Forescout The Rise of State-Sponsored Hacktivism · Apr 29, 2025
Hacktivism Americas
NoName057(16) was the most active hacktivist group, accounting for 90% of attacks analyzed. It is also cited as being behind 90% of state-aligned cyberattacks in 2024.
COPY Forescout The Rise of State-Sponsored Hacktivism · Apr 29, 2025
Hacktivism
Geographically, 82% of hacktivist attacks targeted Europe.
COPY Forescout The Rise of State-Sponsored Hacktivism · Apr 29, 2025
Hacktivism Europe
Four state-aligned hacktivist groups claimed responsibility for 780 attacks in 2024 alone.
COPY Forescout The Rise of State-Sponsored Hacktivism · Apr 29, 2025
Hacktivism
The other state-aligned hacktivist groups accounted for the remaining attacks: BlackJack (1%), Handala Group (8%), and the Indian Cyber Force (1%).
COPY Forescout The Rise of State-Sponsored Hacktivism · Apr 29, 2025
Hacktivism
18% of hacktivist groups targeted Asia, including the Middle East.
COPY Forescout The Rise of State-Sponsored Hacktivism · Apr 29, 2025
Hacktivism Asia Middle East
Topics Covered Threats (20) OT (16) Industrial (15) Hacktivism (11) Vulnerabilities (8) Ransomware (5) Breach (5) Device Diversity (4) Threat actors (3) Maturity (3) Connected devices (3) IoT devices (3) IoT (2) Device diversity (2) IP cameras (2)