For 19 consecutive years, the answer to “how did attackers get in?” was almost always the same: stolen credentials. Security programs were built around that reality: identity controls, MFA rollouts, phishing simulations, and password hygiene training. These investments were rational responses to what the data consistently showed.

The 2026 Verizon Data Breach Investigations Report changes that calculus. Analyzing more than 22,000 confirmed breaches across 145 countries, the largest dataset the DBIR team has ever compiled, the report marks the first time vulnerability exploitation has overtaken stolen credentials as the leading initial access vector. It now accounts for 31% of all breach entry points. Stolen credentials have dropped to 13%.

That shift is not a statistical blip. It reflects a structural change in how attacks are being executed, and it has direct implications for where security investment needs to go next.

The 19-Year Streak Is Over. Here Is What Replaced It.

Credentials did not stop being valuable. They still appear in 39% of all incidents. But increasingly they are not the starting point. Attackers are finding faster routes in, and unpatched vulnerabilities are providing them.

The more consequential factor driving this shift is timing. The window between a vulnerability being publicly disclosed and active exploitation in the wild has collapsed. Chandra Gnanasambandam, Chief Technology Officer at SailPoint, puts a number on it: in the early 2020s, time to exploitation ran close to a year. Today, it is approaching an hour, and the trajectory points toward minutes.

Matthew Hartman, Chief Strategy Officer at Merlin Group, frames the operational consequence plainly: AI has compressed the time between vulnerability discovery and exploitation from months to hours, and organizations cannot defend against that reality with periodic assessments and siloed tools.

This compression is not happening because attackers have gotten smarter. It is happening because they have become more efficient. AI-assisted tooling is accelerating the discovery, validation, and weaponization of known vulnerabilities at a scale and speed that outpaces human-led remediation programs. The threat actor does not need to find a zero-day. They need to find an organization that has not yet patched a known flaw, and there are plenty.

Trey Ford, Chief Strategy and Trust Officer at Bugcrowd, describes the economics clearly: AI is making vulnerability discovery and weaponization so fast and cheap that attackers no longer need a stolen password when a known, unpatched flaw gets them in faster. For 19 consecutive years, stolen credentials were the primary way in. That changed because the cost structure shifted.

For security leaders, this raises a pointed question: Is your vulnerability management program calibrated to the threat as it exists today, or as it existed three years ago?

Why Patching Faster Is Not the Full Answer

The instinctive response to “exploitation is the top attack vector” is “patch faster.” That is necessary, but it is not sufficient, and treating it as the complete answer is where security programs stall.

Collin Hogue-Spears, Senior Director of Solution Management at Black Duck, makes the distinction directly: AI did not create the gap between disclosure and exploitation. It erased the head start defenders used to have. And the fix is not faster patching. It is patching by reachability and containing the rest.

The real problem is prioritization under constraint. Most organizations carry a vulnerability backlog that cannot be cleared before new findings arrive. Patching by CVSS severity score alone tends to concentrate effort on what looks dangerous on paper rather than what attackers are actively using. The CISA Known Exploited Vulnerabilities catalog offers a sharper filter, reflecting real exploitation activity rather than theoretical severity. As Hogue-Spears notes, CVSS tells you how bad a flaw can be; KEV tells you which flaws attackers already use. Prioritizing that list ahead of the broader CVSS queue is a more defensible allocation of scarce engineering time.

Reachability analysis adds another layer of precision. Not every vulnerability is reachable from an external position, or from where an attacker with initial access could realistically pivot. Separating findings that are genuinely exploitable from those that exist in the environment but cannot be reached changes the effective size of the remediation backlog considerably.
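The prioritization the two paragraphs above describe (KEV membership ahead of raw CVSS, then reachability to shrink the effective backlog) can be expressed as a simple triage routine. This is an added example, not code from the DBIR or any of the vendors quoted; the KEV catalog, the backlog, and the reachability verdicts are all constructed placeholder data, and the three tiers are an assumed policy.

```python
from dataclasses import dataclass

# Constructed stand-in for the CISA KEV catalog: placeholder ids, not real entries.
KEV_CATALOG = {"CVE-0000-1001", "CVE-0000-1003"}

@dataclass(frozen=True)
class Finding:
    cve: str
    asset: str
    cvss: float
    reachable: bool  # assumed output of a reachability analysis

# Constructed sample backlog.
BACKLOG = [
    Finding("CVE-0000-1002", "internal-db", 9.8, reachable=False),
    Finding("CVE-0000-1004", "api-server", 8.2, reachable=True),
    Finding("CVE-0000-1001", "web-gateway", 7.5, reachable=True),
    Finding("CVE-0000-1003", "vpn-appliance", 6.1, reachable=False),
    Finding("CVE-0000-1005", "build-runner", 5.3, reachable=False),
]

def cvss_only_order(findings):
    """The naive queue: highest CVSS first, ignoring exploitation and reachability."""
    return [f.cve for f in sorted(findings, key=lambda f: f.cvss, reverse=True)]

def priority_key(f):
    # Known exploitation dominates, then reachability, then CVSS as the tie-breaker.
    return (f.cve in KEV_CATALOG, f.reachable, f.cvss)

def triage(findings):
    """Bucket the backlog into patch_now / patch_next / contain, each ordered by priority."""
    tiers = {"patch_now": [], "patch_next": [], "contain": []}
    for f in sorted(findings, key=priority_key, reverse=True):
        in_kev = f.cve in KEV_CATALOG
        if in_kev and f.reachable:
            tiers["patch_now"].append(f.cve)    # actively exploited and exposed
        elif in_kev or f.reachable:
            tiers["patch_next"].append(f.cve)   # one risk signal present
        else:
            tiers["contain"].append(f.cve)      # compensating controls until patched
    return tiers

if __name__ == "__main__":
    print("CVSS-only queue:   ", cvss_only_order(BACKLOG))
    print("KEV + reachability:", triage(BACKLOG))
```

Run it and the CVSS-only queue puts the unreachable, non-KEV 9.8 finding first, while the triaged view moves the actively exploited, reachable 7.5 finding to the top and leaves only one item needing an immediate patch.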

Jason Soroko, Senior Fellow at Sectigo, points to what often gets missed in the patching conversation: a breached perimeter through a software exploit is frequently just the opening move. The subsequent lateral movement and privilege escalation rely entirely on authentication mechanisms that remain brittle under pressure. Robust cryptographic trust and rigorous certificate lifecycle management function as a fail-safe even when the outer wall has been breached. If every machine, workload, and enterprise AI agent is strictly authenticated through a tightly managed public key infrastructure, the blast radius of an exploited vulnerability shrinks considerably.

The organizations that held ground during Log4Shell did not all patch faster than everyone else. Many of them bought time by restricting outbound traffic, which prevented exploited instances from completing the attack chain. Compensating controls, egress restrictions, behavioral allowlists, and identity-bound access are not concessions to poor patching discipline. They are the second defensive layer that absorbs what triage has not yet cleared.


Third-Party Involvement Is Up 60%. The Perimeter You Defend Is Not the Perimeter That Matters.

One of the more striking findings in this year’s report is the growth of third-party involvement in breaches. It now accounts for 48% of all breaches, up 60% year over year.

Ford at Bugcrowd is direct about what this means for security program design: the coverage problem extends well beyond the enterprise perimeter, into every vendor, supplier, and integration partner an organization relies on. No product closes that gap.

This figure deserves more attention than it typically receives. A significant portion of an organization’s actual attack surface sits outside anything that organization directly controls or tests. Vendors, integration partners, software dependencies, and managed service providers each represent a potential entry path that does not require touching the enterprise network directly.

The economics are straightforward. If a supplier with access to 200 enterprise environments has weaker controls than any of those environments individually, that supplier becomes the priority target. The breach happens at the third party. The damage lands at the enterprise.

Point-in-time vendor assessments and annual questionnaires do not address this. They capture a snapshot of a vendor’s security posture at the moment of assessment. By the time the assessment is completed, reviewed, and filed, the posture may have changed. Continuous visibility into third-party risk, not a compliance checkbox exercise, is what the data argues for.

Morey Haber, Chief Security Advisor at BeyondTrust, notes that the DBIR’s core message this year is maturity and refinement rather than revolution: asset and identity visibility, patching discipline, least privilege enforcement, and practiced incident response. The supply chain finding reinforces that point: the organizations with clear visibility into what third parties can access and from where are better positioned than those managing vendor risk as a documentation exercise.

Shadow AI: The Data Leakage Problem Security Programs Have No Coverage For

Shadow AI has reached a scale that security programs have largely not kept pace with. The proportion of employees regularly using unapproved AI tools at work has climbed from 15% to 45% in a single year. It is now the third most common source of non-malicious data leakage.

Dana Simberkoff, Chief Risk, Privacy, and Information Security Officer at AvePoint, says she would have expected the number to be even higher. Her position on the response is worth noting: the answer to shadow AI is not to block tools. It is to build a comprehensive trust layer that continuously secures, governs, and audits how data is accessed and used across the enterprise, while making it easier for employees to reach approved solutions than unapproved ones.

The mechanism behind the leakage is not complex. An employee pastes a confidential contract, a client list, internal source code, or a sensitive business process into a public AI model to get help with a task. They are not trying to cause harm. They are trying to work faster. But the data has now left the organization’s control, and depending on the platform’s data handling policies, it may be retained, used for training, or accessible to others.

AvePoint’s own data, cited by Simberkoff, shows 75% of organizations have already experienced AI-related security incidents, with oversharing as the primary driver. Attackers are using AI to identify data exposure gaps faster, while employees are inadvertently leaking sensitive information into public models. The two trends are feeding each other.

Trey Ford at Bugcrowd describes shadow AI tripling in a single year as the DBIR’s quietest signal and its most consequential one. Most security programs have no coverage model for it.

Diana Kelley, Chief Information Security Officer at Noma Security, adds the dimension that often gets overlooked when the conversation focuses only on employees: agentic AI systems create a new class of privileged, machine-speed actors. If an AI agent can connect to tools, move data, or trigger workflows, it needs to be governed like a privileged identity, with least privilege access, full logging, human approval for high-risk actions, and a fast way to revoke access.

The governance response, rather than a blanket prohibition, combined with data classification controls that reduce the blast radius when leakage occurs, is what the data supports.

Mobile Social Engineering Is Outperforming Email Phishing by 40%

The human element section of the DBIR carries a finding that challenges a common assumption about where the phishing threat concentrates. As organizations have invested in email security controls and user training, threat actors have shifted their social engineering activity toward mobile channels: SMS and voice calls. These attacks are succeeding at a rate 40% higher than traditional email phishing.

Mika Aalto, Co-Founder and CEO at Hoxhunt, whose organization contributed tens of millions of human cyber behavior data points to this year’s DBIR for the second consecutive year, notes that the report explicitly names a culture that supports and enables secure behavior alongside technical controls like patch management and response planning. Security culture is no longer a soft initiative sitting outside core security operations. It is part of the operational foundation.

Maxime Cartier, VP of Human Risk at Hoxhunt, draws a connection between the patching problem and the human behavior data. Many of the risks and barriers in patching programs are behavioral rather than technical. The people responsible for patching are employees too: developers, admins, and IT operations teams. They respond to the same drivers that Human Risk Management deals with every day: motivation, prioritization, clarity, and friction. If security teams want patching outcomes to improve, they need to communicate risk in ways that help people act, not just escalate pressure.

The reasons mobile attacks are succeeding are not difficult to identify. Email inboxes have accumulated years of training signals. Mobile channels carry none of that conditioning. A text message to a personal number, or a spoofed voice call, arrives in an environment where most people do not apply the same scrutiny they have learned to bring to their work email.

Security awareness programs calibrated entirely to email phishing scenarios are not addressing where the current threat concentrates.

AI-Driven Bot Traffic Is Growing 21% Month Over Month. Human Traffic Is Flat.

Perhaps the most forward-looking data point in this year’s report is the growth trajectory of AI bot internet crawlers: 21% month-over-month growth, against essentially flat human-led traffic growth of 0.3%. The threat implications are still developing, but the directional signal is clear.

Simberkoff at AvePoint frames the perimeter implication directly: with AI-driven bot traffic increasing at this rate, the traditional perimeter has effectively disappeared. Bots operating at machine speed can probe exposed surfaces, discover data leakage points, and identify configuration errors faster than any human-led reconnaissance effort.

Gnanasambandam at SailPoint captures the underlying shift: in the last 25 years, security and governance have always been primarily about humans. The move into a human-plus-AI world requires a different security paradigm, one built around adaptive identity with zero standing privilege as a minimum requirement. Cloud environments, particularly development environments, were built for developer experience and never designed with a security posture in mind. In a world where 95% of access is standing, that is a compounding vulnerability.

What the 2026 DBIR Is Actually Telling Security Leaders

The core message of the report is not that everything has changed. It is that the threat environment has matured in specific ways that require recalibration of where security investment is concentrated.

Haber at BeyondTrust makes the point that credential controls still matter. Vulnerability exploitation becoming the top initial access vector does not mean identity security programs were wrong. It means they are working well enough that attackers are routing around them. That is an argument for sustaining those investments, not redirecting them wholesale. The 2026 DBIR politely suggests recalibrating: credential-based attack vectors still appear in 39% of all incidents; they are simply no longer the initial entry point as often as they used to be.

Kelley at Noma Security summarizes the broader AI finding with precision: attackers are scaling the basics, and the fundamentals still matter most. Defenders need to do the same, only faster, cleaner, and with better control over identity, data, and third parties.

The recalibration is specific: vulnerability prioritization needs to reflect active exploitation, not just theoretical severity. Third-party risk management needs continuous visibility, not periodic snapshots. Shadow AI requires a governance response, not a blanket prohibition. Mobile social engineering needs to be part of the threat model that security awareness programs train against. And the entire defensive posture needs to be calibrated to exploitation timelines measured in hours, not months.

Hartman at Merlin Group puts it in operational terms: organizations need continuous visibility into vulnerabilities, vendors, and employee AI usage, and the ability to act on that intelligence before attackers can.
