The first half of 2026 is now behind us, yet cybercrime remains a hot topic. Looking back without sugar-coating reality is essential if we want to properly assess today's cyber risk landscape.
While we've just experienced a period of intense summer temperatures, cyber threats continue to rise—and not simply because it's the holiday season. Let's take a closer look at what the first six months of 2026 have taught us.
1. Reputation and Trust Have Become Attack Vectors
Phishing no longer needs much introduction. However, it's worth remembering that phishing attacks exploit the greatest vulnerability of all: human psychology.
The objective is simple: persuade users—including IT administrators, cybersecurity professionals, developers and anyone with privileged access—to click on a malicious email, link or attachment.
Cybercriminals focus on earning your trust, capturing your attention and, above all, lowering your guard.
This is why they consistently impersonate the world's most trusted brands—those with the strongest reputations and the largest user bases. As a result, phishing campaigns continue to be dominated by technology companies and social media platforms such as Microsoft, Apple, Google, Amazon and LinkedIn.
Looking at the issue from a more technical perspective, it's also worth noting that many of these organisations provide the authentication services that sit at the heart of modern digital security—the very first layer of protection every organisation relies upon.
2. Ransomware Protection Still Lacks Maturity
Everyone is familiar with ransomware. Most organisations also believe they are adequately protected and confident they could recover should an attack occur.
Unfortunately, this sense of security often proves to be misleading.
Why?
Because ransomware attacks have continued to increase year after year, and the first half of 2026 is no exception.
If protection measures were consistently effective across organisations, ransomware would simply stop being profitable. Cybercriminals would move on to more lucrative attack methods.
Several important trends should also be highlighted:
The number of ransomware groups has decreased, suggesting market consolidation similar to what we see in legitimate industries.
The three most targeted sectors remain manufacturing, business services (B2B), and healthcare.
One ransomware group, operating under the rather ironic name Gentlemen, appears to have shifted its strategy by distributing attacks more globally instead of concentrating primarily on the United States.
3. Delayed Action Increases Risk
2025 saw an exponential rise in the exploitation of known vulnerabilities. While this trend is not new, several findings are particularly concerning.
Firstly, according to the globally recognised CISA Known Exploited Vulnerabilities (KEV) catalogue, organisations have remediated only around 26% of the vulnerabilities identified. In other words, roughly three-quarters remain unpatched and exploitable.
Secondly, it's important to note that a significant proportion of these vulnerabilities can be exploited without authentication, making them considerably easier for cybercriminals to weaponise.
4. The Economic Cost Continues to Rise
The financial impact of cyberattacks deserves regular attention—especially when new data1 reveals important trends.
Rather than focusing on average incident costs, recent studies increasingly rely on median values, which provide a far more accurate reflection of reality, as any statistician will confirm.
A five-year analysis (2019–2024) indicates that the median economic impact of cyber incidents has at least doubled across virtually every category.
For comparison, inflation in the United States over the same period reached approximately 23%, meaning cyber-related losses have grown far beyond general price increases.
Business interruption and payments made to cybercriminals—including ransoms and extortion demands—remain the two largest contributors to the overall financial impact.
Understanding these developments is the first step towards accurately assessing your organisation's cyber exposure.
Building resilience inevitably requires effective cyber risk management—an area that, unfortunately, remains underestimated by many organisations.
At MCG, we continuously monitor the evolving cybersecurity landscape to help our clients anticipate emerging threats, strengthen their resilience, and stay focused on what matters most: running their business.
[1] Verizon, 2026 Breach Impact Study
