At Quorum Cyber, our mission to help good people win begins with a clear understanding of the threats organisations face in the public sector.

The Global Cyber Risk Intelligence Outlook 2026 reflects the rigorous analysis and strategic foresight of our Threat Intelligence team, examining how the events of 2025 reshaped global cyber risk and identifying the trends most likely to define the year ahead.

READ THE REPORT

Download the Report

Key Findings

  • The number of newly formed ransomware groups increased by 30% during the 12 months to the end of October 2025
  • New, white-label Ransomware-as-a-Service (RaaS) platforms now enable cybercriminal groups to create their own brands
  • Cybercriminal groups are abandoning encryption in favour of pure data exfiltration for faster, lower-cost cyber-attacks
  • Global vulnerability disclosures rose 21% to exceed 35,000 in the year to the end of October 2025
  • First evidence of a nation-state-backed threat group leveraging Claude’s agentic capabilities to orchestrate attacks, with AI agents performing up to 90% of the intrusion activity
  • Threat actors from Russia, China, and Iran remain the top threats to the public sector as they sustain large cyber espionage campaigns, while nation-state-sponsored bad actors likely earned over $2 billion from cybercrime in 2025.
  • Russia, China, and Iran continue to pose severe threats to the public sector globally
  • Cyber activity targeting the public sector increased by 13% with over 100 countries impacted
  • A total of 102 countries were affected, with attacks concentrated against India, Israel, and the US
  • Although ransomware targeting decreased by 12%, data breaches increased by 66%, showing a clear shift toward data-theft-driven extortion
  • Despite Distributed Denial of Service (DDoS) attacks rising by only 5%, DDoS accounts for the vast number of attacks, highlighting its continued use for political protest

Take Action

Every sector faces cyber security challenges. Our range of managed security services and incident response services are designed to defend and protect organisations wherever they are on their security journey.

To explore how intelligence-led security approaches translate into practical defensive outcomes, organisations are encouraged to participate in the Microsoft Threat Protection Workshop.

Learn More

Privacy Preference Center

Privacy Preferences

Skip to content