Sign in Subscribe
3 min read

CyberSecStats #3 - Deepfake scams, ransomware tactics, and identity and access management challenges

Hello! 👋🏼 Laura from CyberSecStats here with a weekly email of the latest cybersecurity vendor reports and research. 

All the stats below were published between March 8th - March 16th 2025. 

General

KnowBe4 Security Approaches Around the Globe: The Confidence Gap

A survey of professionals who primarily work on their laptops on their cybersecurity habits and confidence in detecting scams and phishing attempts. 

Key stats:

  • 12% of employees have been tricked by deepfake scams.
  • 38% of employees still hesitate to report security concerns because they don't know how.
  • 31% of IT teams take more than 5 hours to respond to a security issue.

Read the full report here.

Tines Voice of Security 2025: Security Leaders' Perspectives on AI Adoption, Team Performance, and Job Satisfaction

A report on how AI and automation improve security team performance and job satisfaction, plus security leaders' challenges with their current tools. 

Key stats:

  • 60% of security teams are small, with fewer than 10 members.
  • 33% of security teams are worried about the time required to train their teams on AI capabilities.
  • Most security teams (55%) typically manage 20 to 49 tools.

Read the full report here.

Coalition Cyber Threat Index 2025

An analysis of the cybersecurity trends observed in 2024 and the emerging threats businesses must prepare for in 2025.

Key stats:

  • Most ransomware claims in 2024 started with threat actors compromising perimeter security appliances (58%), like virtual private networks (VPNs) or firewalls.
  • The projected software vulnerability rate for 2025 is nearly 4,000 per month.
  • Across all ransomware claims in 2024, the most common initial access vectors (IAVs) were stolen credentials (47%) and software exploits (29%).

Read the full report here.

Industry-specific 

KnowBe4 Global Retail Report 2025

A report on the cybersecurity landscape in the global retail sector. 

Key stats:

  • Retail is in the top five industries targeted by cybercriminals. 
  • 38% of retail sector compromises involve credential theft. 
  • The average cost of a retail data breach in 2024 was an 18% increase from 2023. 

Read the full report here.

Paubox 2025 Healthcare Email Security Report

Report that examines recent healthcare email breaches to expose ongoing cybersecurity vulnerabilities in the industry. 

Key stats:

  • There has been a 264% increase in ransomware attacks on healthcare since 2018.
  • There has been a 50% increase in healthcare cybersecurity spending since 2018.
  • HIPAA fines exceeding $9 million were issued due to email security failures.

Read the full report here.

Ransomware

Bitdefender Threat Debrief | March 2025

Monthly Bitdefender Threat Debrief tracks the evolving tactics of ransomware by combining open-source information with data from data leak portals. 

Key stats:

  • There was a 126% increase in claimed ransomware victims year-over-year, from 425 victims in February 2024 to 962 in February 2025.
  • February 2025 was the single worst month in ransomware history based on the total number of claimed victims.
  • Out of the 962 victims claimed in February 2025, 335 were claimed by the Clop (Cl0p) group.

Read the full report here.

Cloud

Sysdig 2025 Cloud-Native Security and Usage Report

Annual user analysis of real-world cloud security and usage trends. 

Key stats:

  • Machine identities outnumber humans by 40,000 to 1.
  • Machine identities are 7.5 times more risky than human identities.
  • Mature security teams are detecting cloud threats in under 5 seconds.

Read the full report here.

Wasabi Global Cloud Storage Index

The 2024 Cloud Storage Index covers topics specific to cloud storage in the Asia Pacific. 

Key stats:

  • 68% of ANZ organizations recover data from public cloud storage at least weekly for backup purposes.
  • 66% of ANZ respondents exceeded their planned cloud storage spending in the past year.
  • 50% of Asia Pacific organizations experience IT or business delays due to egress and data access fees.

Read the full report here.

Credentials 

Bitwarden Risk reduction and resilience start with enterprise password management

A report examining enterprise identity and access management (IAM) challenges. 

Key stats:

  • 65% of enterprises still rely solely on passwords to access corporate systems. 
  • 37% of applications still support only password-based logins. 
  • 25% of enterprises use biometrics.

Read the full report here.

Dashlane State of Credential Security Report

A report on how the changing risk landscape and credential management impacts organizations. 

Key stats:

  • 74% of IT leaders feel that AI poses an increased threat to password security.
  • 70% of IT leaders reported dealing with employees creating weak passwords.
  • Of employees who receive security awareness training, one in five (22%) admit they would rather be stuck in rush-hour traffic than attend it.

Read the full report here.