The 2025 "Data Breach Investigations Report" (DBIR), recently published by Verizon Business, highlights an intensification of cyber threats on a global scale. Among the most concerning trends observed this year is the significant increase in system intrusions in the EMEA region (Europe, Middle East, Africa), which now account for 53% of attacks compared to 27% last year.
 
The report is based on the analysis of over 22,000 security incidents, including 12,195 confirmed breaches. One of the major conclusions concerns the rise in attacks involving third parties (partners or suppliers): these have doubled to reach 30% of the cases analyzed, highlighting the risks associated with supply chains and partner ecosystems. The exploitation of vulnerabilities has also increased (+34%), notably through zero-day attacks targeting perimeter devices and VPNs.
In the EMEA region, the rise of internal compromises is alarming: nearly a third (29%) of incidents in this region originate within organizations themselves, whether due to unintentional errors (19%) or misuse (8%). In comparison, these figures drop to 5% in North America and only 1% in Asia-Pacific. Despite this high proportion, the total number of internal actors involved has decreased by 41%, which may reflect a shift in risk towards other types of threats.
The second attack vector is social engineering: phishing is involved in 19% of compromises in EMEA. This type of attack often fits into campaigns aimed at stealing credentials or introducing malware, particularly ransomware.
On this latter point, the report notes a 37% increase in ransomware attacks worldwide. These attacks now account for 44% of compromises, even though the median amount of ransoms paid has slightly decreased. Another figure stands out: 64% of organizations affected by ransomware have chosen not to pay, compared to 50% two years earlier, indicating a possible evolution in crisis management.

The Most Targeted Sectors

The report also provides a sectoral focus. The manufacturing industry has seen a six-fold increase in espionage-motivated attacks (rising from 3% to 20%), while the healthcare, education, and finance sectors remain favored targets. In retail, where incidents have increased by 15%, cybercriminals now target less protected assets, such as customer credentials or internal documents, rather than payment data.
Sanjiv Gossain, Group Vice President and Head of EMEA at Verizon Business, comments: 
"The surge in systemic intrusions in the region is a strong warning signal: organizations must urgently strengthen their external defenses and internal control mechanisms by investing in training, enhanced access controls, and zero trust security frameworks."

To better understand

What regulatory frameworks are in place in the EMEA region to manage risks related to the supply chain and partners?

In the EMEA region, several regulations, such as the General Data Protection Regulation (GDPR) and the NIS Directive (Network and Information Systems), require companies to implement appropriate security measures to protect data and systems involving third parties and partners.

What is 'Zero Trust' security and how can it help reduce internal intrusions?

'Zero Trust' security is a security model based on the premise that threats can come from inside as well as outside the organization. By removing the assumption of trust, this model restricts access to resources to authenticated and authorized users only, which can significantly reduce the risk of internal intrusions.