The State of Data Security in 2025: A Distributed Crisis

40% of respondents reported increased security costs as a consequence of a cyber attack.

37% of respondents noted reputational damage and loss of customer confidence as a consequence of a cyber attack.

30% of respondents cite a lack of centralized management as their top challenge.

Of the organizations that experienced a successful ransomware attack last year, 86% admitted they paid a ransom to recover their data.

29% of respondents cite a lack of visibility and control over cloud-based data as their top challenge.

27% of high-risk sensitive files contain digital data such as API keys, usernames, and account numbers

36% of sensitive files in the cloud are classified as high risk.

90% of global IT and security executives reported cyberattacks in the past year.

Insider threats were cited by 28% of IT leaders.

92% of organizations use between two and five cloud and SaaS platforms.

The most common attack vectors cited were: Data breaches (30%), Malware on devices (29%), Cloud or SaaS breaches (28%), Phishing (28%), and Insider threats (28%).

33% experienced a forced leadership change following a cyber incident.

90% of IT and security leaders report managing hybrid cloud environments.

Half of IT leaders say the majority of their workloads are now cloud-based.

Nearly three-quarters (74%) of respondents said threat actors were able to partially compromise backup and recovery systems.

35% of respondents said their backup and recovery systems were completely compromised.

35% of respondents cite securing data across varied ecosystems as their top challenge.