BakerHostetler's 12th annual Data Security Incident Report highlights cyber challenges in 2025

BakerHostetler’s 2025 report examines cybersecurity threats, regulatory developments, and incident response trends, offering an overview for organisations assessing risk and preparedness.

  • Friday, 10th April 2026 Posted 2 months ago in by Sophie Milburn
BakerHostetler has released its 12th annual Data Security Incident Response (DSIR) Report, which examines the cybersecurity breach landscape in 2025. Produced by the law firm’s Digital Assets and Data Management Practice Group, the report analyses more than 1,250 data security incidents.

The 2026 DSIR Report reviews key metrics, including timelines for network intrusion response and ransomware trends. It reports that average ransomware demands have risen to $4.2 million, alongside increasing settlement amounts, highlighting financial impacts on affected organisations.

The report also notes an increase in class actions, which now appear in 14% of security breaches, up from 9% the previous year. Large enterprises are identified as facing litigation risk even in cases involving minimal notification.

Phishing remains the most common cause of incidents, followed by unpatched vulnerabilities. Regulatory challenges are reported across multiple sectors, with health care most affected, followed by finance and insurance.

Improvements in forensic investigation processes are associated with reduced notification times, although costs have increased, particularly for larger investigations.

Vendor-related vulnerabilities are reported in around a quarter of incidents, indicating ongoing risks associated with third-party relationships. Artificial intelligence is also identified as an emerging factor, associated with faster attack execution and increased legislative activity across U.S. states.

The report presents these findings as part of an overview of current cybersecurity risks and incident response trends.
UK's pragmatic approach to AI automation prioritises pre-built solutions over bespoke development, contrasting with US's costlier custom-centric...
Certification's true value lies beyond speed, focusing on continuous system improvement for genuine resilience.
Evolve IP's recent session in Rotterdam brought UK and Dutch partners closer to foster collaboration and growth within the tech industry.

NetApp reveals StorageGRID 12.1 to enhance AI workloads

Posted 1 day ago by Sophie Milburn
NetApp releases StorageGRID 12.1, enabling better management of AI workloads across distributed environments.
The UK government has announced funding for new AI labs focused on reliability and efficiency, with collaboration planned between researchers and...
Exploring the critical role of trustworthiness in AI for CSPs and how it affects the future of autonomous enterprises.
Toby Weiss steps in as CEO of Securonix, aiming to enhance security operations amid evolving threats.
Exploring the shortcomings in AI governance and the potential avenues for managed service providers to bridge the gap between confidence and control.