Critical Risks Boards Must Address Immediately
2025 marked the shift from opportunistic attacks to scalable extortion. Q1 leak sites listed 2,302 victims (record high), Q2 saw 657 industrial ransomware incidents (65% manufacturing, 44% YoY rise), and FBI IC3 reported $16.6B total cybercrime losses with $2.8B from BEC alone.
What you'll learn in the report:
- Ransomware + data extortion: 4,701 global cases Jan-Sep (46% ↑); data-theft > encryption
- Supply chain compromise: Qantas (6M records), utilities (280K files) via vendor breaches
- AI social engineering: Deepfake voices amplify BEC ($2.8B losses)
- Hypervisor attacks: Single ESXi breach disables hundreds of VMs in hours
- Machine identity abuse: Non-human credentials outnumber users 10:1, no lifecycle controls
- Industrial/OT targeting: 427/657 Q2 incidents hit manufacturing; IT/OT convergence risks
2026 Risk Heatmap: All 6 threats rank P1-P2 (Very High Impact + Rising Trend).
Download the full report to gain a clearer picture of 2026’s threat landscape and actionable intelligence to prioritize defenses against these 6 scaled extortion campaigns targeting your critical blind spots.