CCI staff share recent surveys, reports and analysis on risk, compliance, governance, infosec and leadership issues. Share details of your survey with us: editor@corporatecomplianceinsights.com.
Digital asset compliance chiefs earn 16%-20% more
Chief compliance officers (CCOs) in digital assets command a 16% to 20% compensation premium over traditional finance equivalents, driven by 24/7 operational exposure, regulatory complexity and talent scarcity, according to a report from Solidus Labs.
Compliance hiring in digital assets surged 35% year-over-year in 2025, outpacing the 30% growth in broader digital asset hiring. Compliance density — the percentage of staff dedicated to compliance — rose to a 4.5% baseline, up from the traditional finance benchmark of 2.9% to 3.5%, the report found. New York City serves as the global base salary benchmark at $235,000 to $335,000 for top-tier digital asset compliance executives, with Singapore and Hong Kong approaching parity and Dubai and Zurich capable of exceeding NYC when including total compensation.
The report identified crypto-native trade surveillance as critically scarce, requiring professionals capable of sophisticated on- and off-chain pattern recognition for 24/7 markets. Sector tenure among digital asset CCOs averaged 4.3 years, up 0.5 years, while in-role tenure dropped to 2.1 years from 2.5 years, reflecting high mobility driven by residency requirements in Dubai, Singapore and Hong Kong, as well as aggressive US institutional hiring.
Ransomware attacks surge 45% in 2025, hitting record
Ransomware attacks jumped 45% in 2025, with 9,251 incidents recorded compared with 6,395 in 2024, according to research from NordStellar, a cybersecurity monitoring company that tracks ransomware group activity on the dark web.
December 2025 set a two-year record with 1,004 incidents in a single month, the research found. The number of ransomware groups also increased 30%, from 103 in 2024 to 134 in 2025. The US remained the primary target, accounting for 64% of all global cases with 3,255 incidents, a 28% increase from the previous year. Canada followed with 352 cases, up 46%, while Germany experienced a 97% jump with 270 incidents.
Small and medium-sized businesses with fewer than 200 employees and revenue up to $25 million experienced the most attacks. The manufacturing sector saw 1,156 incidents, a 32% increase from the previous year, accounting for 19.3% of all recorded cases. The fourth quarter of 2025 saw a sharp rise in activity, with 2,910 incidents representing a 38% increase compared with Q4 2024 and a 49% increase from Q3 2025.
Other key findings:
- Qilin carried out the most attacks in 2025 with 1,066 cases, a 408% increase from 2024, followed by Akira with 947 cases, up 125%.
- The IT sector followed manufacturing with 524 cases, marking a 35% rise from 2024.
- General manufacturing SMBs, machinery manufacturing and appliances/electrical/electronics manufacturing were the most targeted subsectors.
75% of organizations show incomplete MFA or weak endpoint protection
Three-quarters of organizations show incomplete multi-factor authentication (MFA) or weak endpoint detection and response enforcement, despite widespread assumptions that these controls are fully deployed, according to a report from Nagomi Security, a cybersecurity platform provider.
The report, based on control assessment data from thousands of endpoints across dozens of enterprises, found a significant performance gap between vulnerability management and foundational security controls. Vulnerability management programs passed on 91% of assessed assets, while identity controls passed on only 30% to 52% and endpoint protection controls showed similar gaps. Authentication policy enforcement performed worst, with a 30% pass rate, including gaps in MFA coverage and access control enforcement.
More than 60% of organizations failed advanced endpoint detection and response policy tests, even when agents were widely deployed. Password strength controls failed on 50% of assessed assets, while document and script execution prevention passed at only 60%. Security awareness controls showed the lowest performance, with fewer than 30% of assets passing despite training completion being recorded, indicating a gap between training metrics and actual user readiness.
81% of US financial institutions experience compliance screening delays
A majority of US (81%) and Canadian (80%) financial institutions experience delays “at least occasionally” due to compliance screening processes, in line with the 80% global average, according to a survey from LSEG Risk Intelligence, a financial data and risk management provider.
The survey of 850 senior decision-makers across financial institutions found that manual review and remediation workload topped regional challenges at 80%, followed by integration issues with existing systems (75%) and high false positives (75%). High false positives were reported by 78% of US respondents compared with 71% in Canada.
Some 90% of North American institutions use mostly, fully or partly automated compliance screening, leading all regions surveyed. However, 17% of Canadian institutions rely mostly on manual screening compared with just 4% in the US. When asked about confidence in the accuracy and completeness of their current sanctions and risk screening data, 55% in the US and 50% in Canada reported being “very confident,” compared with lower averages in EMEA (45%) and APAC (44%).







