This report, S-RM’s fourth annual Cyber Incident Insights Report, draws on data from over 800 incidents our team responded to globally in 2025. It offers a clear-eyed view of how the threat landscape is evolving and what that means for businesses in the year ahead.
This year we have collaborated with FGS Global, a leading stakeholder strategy firm that advises businesses on communicating with key audiences during cyber incidents and other moments of intense scrutiny. Their perspective on reputation and stakeholder engagement is included throughout.
Ransomware remains the dominant threat, but the ecosystem behind it is fragmenting. S-RM’s global cyber team responded to incidents involving 67 distinct ransomware groups, up from 58 the year before, and the influx of newer, less predictable operators has made outcomes harder to predict. The landscape is also shifting: English-speaking threat actors claimed high-profile targets, AI-enhanced communications made established groups and lone operators more effective across borders, and attacks surged across Asia-Pacific. US-based companies
