Phishing (including malspam, vishing, and malvertising) was the dominant intrusion vector, accounting for approx. 60% of cases..

Vulnerability exploitation accounted for 21.3% of initial access vectors.

Insider threats accounted for 0.8% of initial access vectors.

Botnet accounted for 9.9% of initial access vectors.

Malicious applications accounted for 8% of initial access vectors.