Insights

2025 was defined by some of the most disruptive and revealing cyber attacks in recent memory. While headline statistics suggested that the average cost of cyber incidents declined year on year, a small number of high-impact attacks involving household names such as Marks & Spencer and Jaguar Land Rover dramatically altered the picture. 

Our theme for this year’s Security First conferences and our 2026 Trends and Predictions Guide is Resilience redefined: securing the human-AI era. But what exactly does that mean? In this blog we explain it and why it will be the theme of 2026. 

In 2026, our Security First Conferences are returning and with a clear mission: to help organisations redefine resilience in a world increasingly shaped by artificial intelligence, automation and accelerating risk.  

Public sector organisations are operating in an environment where cyber threats are escalating in both volume and sophistication. From local councils and government departments to education and healthcare providers, demand for digital public services continues to grow, yet many organisations are struggling to keep pace with the security risks that come with increased connectivity. The result is a sector caught between rising expectations, expanding attack surfaces and limited resources to defend them. 

With 2026 just around the corner and with the release of our 2026 Trends and Predictions guide, it’s the perfect time to look back at the numbers that shaped cyber security in 2025. We’ve pulled together 25 standout statistics that highlight the key trends and challenges from the past year. These include data collated by Integrity360 from our internal tools and services, alongside major statistics curated from across the industry. Together, they paint a picture of an evolving threat landscape and offer valuable insights into where cyber security is headed in 2026. 

 

Every December, as workplaces wind down into a mix of end-of-year wrap-ups, office parties and questionable jumper choices, something else stirs in the digital world. Holiday music fills the radio, fairy lights appear across cities, and attackers quietly get to work. Because while most people are looking to switch off, the threat landscape absolutely isn’t. In fact, the festive period is often one of its busiest.

A single lapse in security awareness can have serious consequences. One misplaced click, one downloaded attachment, or one moment of trust in a convincing email is enough to set off a chain reaction that results in data loss, financial damage, reputational harm and operational disruption. 

For many small and mid-sized businesses, cyber security can feel overwhelming. You know threats like ransomware, phishing, data theft and much more are out there, but it’s hard to know where to start to begin protecting your business.  

Black Friday has become one of the most crucial moments in the retail calendar. Online transactions surge dramatically, with sales volumes skyrocketing between Black Friday and Cyber Monday. For retailers, it’s the most lucrative time of the year but it’s also prime time for cybercriminals.

From manufacturing lines and water utilities to transport hubs and energy plants, Operational Technology (OT) is a prime target for cybercriminals and nation-state actors.

No one says it outright, but every Chief Information Security Officer (CISO) knows the truth. That success in their role is defined not by the years of stability, but by the moment of crisis. The pressure is immense, and often unfair. Cyber risk can never be reduced to zero, yet the expectation remains that it should be. 

Promising to solve problems that even the most powerful classical supercomputers can’t handle, Quantum computing has the potential to revolutionise fields ranging from medicine to cyber security. But what exactly is quantum computing, how does it work, and what will it mean for the world when it becomes reality?