Semperis

45% of identity threat detection and response (ITDR) plans included remediation procedures.

62% of organizations reduced SOC staffing on holidays and weekends to provide employees with work/life balance.

6% of companies completely cut their security operation center (SOC) staffing during holidays and weekends.

29% of organizations did not think they would be attacked during holidays and weekends.

52% of organizations reported being targeted by ransomware attacks on holidays or weekends.

78% of companies reduced security operation center (SOC) staffing by 50% or more during holidays and weekends.

63% of identity threat detection and response (ITDR) plans automated identity system recovery.

60% of ransomware attacks occurred following an IPO, merger or acquisition, or round of layoffs.

47% of organizations reported being closed on holidays and weekends.

90% of organizations reported that their identity threat detection and response (ITDR) plans detect identity system vulnerabilities.

The top cybersecurity challenge facing organizations is the sophistication of attacks (37%).

The second biggest cybersecurity challenge facing organizations is attacks against organizations' identity infrastructure, most commonly Active Directory (32%).

In the US, the rate of regulatory blackmail threats (hackers threatening to file regulatory complaints against victims if they didn't report the ransomware incident) jumped to 58%, representing a 23% increase.

US-based companies experienced physical threats in 46% of ransomware attacks.

47% of attacked companies across various countries (US, UK, France, Germany, Spain, Italy, Singapore, Canada, Australia, New Zealand) reported that hackers threatened to file regulatory complaints against them if they didn't report the ransomware incident.

Nearly 20% of companies that paid a ransom either received corrupt decryption keys or the hackers still published stolen data

11% of companies paid ransoms three times or more.

In 40% of ransomware attacks, threat actors threatened to physically harm executives at organizations that declined to pay a ransom demand.

44% of German firms experienced physical forms of intimidation in ransomware attacks.

69% of companies victimized by ransomware paid a ransom.

38% of companies that paid ransoms did so multiple times.

In the US, 47% of companies paid ransoms multiple times.

In Singapore, the extortion threat in ransomware attacks surged to 66%, a jump of 40% and the highest among the surveyed countries.

In Singapore, 50% of companies paid ransoms multiple times.

50% of respondents cited cybersecurity threats as the top threat to business resilience.

62% of utility operators were targeted by cyberattacks in the past year.

38% of utility operators believed they had not been targeted by cyberattacks.

54% of utility operators who were targeted by cyberattacks suffered permanent corruption or destruction of data and systems.

Nearly 60% of attacks against utility operators were carried out by nation-state groups

81% of cyberattacks on utilities compromise identity systems such as Active Directory, Entra ID, and Okta.

Of those utility operators targeted by cyberattacks in the past year, 80% were attacked multiple times.