Rubrik Zero Labs

58% of organizations cited security concerns as the primary driver for switching IAM providers

58% of IT security decision makers estimate that 50% or more of cyberattacks in the next year will be driven by agentic AI

90% of global leaders identified identity attacks as their top concern in 2025

89% of organizations that experienced a ransomware attack in the past year paid a ransom to recover their data or stop the attack

58% of IT and security leaders believe it would take at least two days to recover and achieve full-service operations post-compromise

89% of organizations have fully or partially incorporated AI agents into their identity infrastructure, with an additional 10% planning to do so

In 2025, only 28% of IT and security leaders believed they could fully recover from a cyber incident in 12 hours or less, down from 43% in 2024

87% of IT and security leaders plan to change Identity and Access Management (IAM) providers or have already begun the process

89% of organizations plan to hire professionals within the next 12 months to manage or improve identity management, infrastructure, and security

82% is the ratio of non-human identities (NHIs) to human users, indicating NHIs now outnumber human users by 82 to 1

40% of respondents reported increased security costs as a consequence of a cyber attack.

37% of respondents noted reputational damage and loss of customer confidence as a consequence of a cyber attack.

30% of respondents cite a lack of centralized management as their top challenge.

Of the organizations that experienced a successful ransomware attack last year, 86% admitted they paid a ransom to recover their data.

29% of respondents cite a lack of visibility and control over cloud-based data as their top challenge.

27% of high-risk sensitive files contain digital data such as API keys, usernames, and account numbers

36% of sensitive files in the cloud are classified as high risk.

90% of global IT and security executives reported cyberattacks in the past year.

Insider threats were cited by 28% of IT leaders.

92% of organizations use between two and five cloud and SaaS platforms.

The most common attack vectors cited were: Data breaches (30%), Malware on devices (29%), Cloud or SaaS breaches (28%), Phishing (28%), and Insider threats (28%).

33% experienced a forced leadership change following a cyber incident.

90% of IT and security leaders report managing hybrid cloud environments.

Half of IT leaders say the majority of their workloads are now cloud-based.

Nearly three-quarters (74%) of respondents said threat actors were able to partially compromise backup and recovery systems.

35% of respondents said their backup and recovery systems were completely compromised.

35% of respondents cite securing data across varied ecosystems as their top challenge.