In 2025, ransomware events against critical industries increased by 34% compared to the previous year.

Critical industries globally, such as government and transportation, face an average response time of upwards of 3 weeks to security alerts.

75% of organisations have BMS affected by known exploited vulnerabilities (KEVs).

Within organisations affected by KEVS that are also linked to ransomware and are insecurely connected to the internet, 2% of devices contain the same high level of risk, meaning they are essential to business operations and are operating at the highest level of risk exposure

Of the organisations affected by KEVs, 51% are affected by KEVs that are also linked to ransomware and are insecurely connected to the internet.