The 2026 SonicWall Cyber Protect Report looks to reframe traditional threat reporting in favor of the protection outcomes that can have a greater impact on industrial security leaders. Some key findings in the report include:
- High and medium severity cyberattacks surged 20.8 percent - attackers aren't striking more often, they're striking smarter.
- Automated bots now generate more than 36,000 vulnerability scans per second, making up more than half of all internet traffic.
- IoT attacks climbed 11 percent; Log4j alone generated 824.9 million IPS hits in 2025, four years after disclosure.
- Identity, cloud, and credential compromise account for 85 percent of actionable security alerts. The stolen password, not the zero-day, is the attacker's weapon of choice.
- SMBs bear a disproportionate ransomware burden: 88 percent of their breaches involved ransomware in 2025, more than double the rate seen at large enterprises.
A full copy of the report can be found here.
