SonicWall has released its Cyber ​​Protect 2026 Report, introducing a new approach by moving beyond traditional threat analysis to focus on the protection outcomes that really matter to business leaders against attacks. The study draws a worrying conclusion: the majority of SMEs do not fail as a result of highly sophisticated attacks, but rather by committing seven predictable and avoidable failures that the company has called the seven deadly sins of cybersecurity.

The 2026 report draws on data from SonicWall’s global network of more than one million security sensors, providing an increasingly accurate and relentless view of the attack landscape. These are some of the main conclusions:

• Attacks on web applications clearly dominate the threat landscape in Spain: 82% of all intrusion activity targets web infrastructure. The WEB-ATTACKS category generated 335.7 million detections—82.2% of the high/medium level activity recorded by Spanish IPS systems—through 1,112 unique signatures. Just three variants of directory traversal accounted for 134.5 million detections, exceeding the total IPS activity of countries such as France or the United Arab Emirates. No other European market has this concentration of web attacks: the United Kingdom reaches 54.8% and Germany 66%. The public web infrastructure in Spain is subject to a constant volume of attacks, sustained and technically diverse, which requires an urgent and multi-layered defense.

• Automated bots now generate more than 36,000 scans per second for vulnerabilities, driving new large-scale attacks. This is equivalent to more than half of all Internet traffic, while malicious bot traffic represents 37% of the global total, establishing itself as one of the main attack vectors.

• Spain registers the highest intensity of attacks per device among the European countries analyzed, surpassing Germany (77,907), Italy (64,819), the United Kingdom (44,469) and France (37,072), and even the United States (90,626). The volume of intrusion attempts detected by IPS has more than doubled year-on-year, with an increase of 119.8%, the highest in Europe in 2025. Spain is not only under pressure, but has become the epicenter of attacks on the continent.

“SonicWall data shows that attacks are getting faster and, in some cases, slightly more sophisticated,” said Michael Crean, senior vice president and general manager of Managed Security Services at SonicWall. “However, the vast majority of attacks we analyze continue to exploit basic weaknesses that continue to be overlooked. The problem is not a lack of technology, but its incorrect application.”

The Cyber ​​Protect 2026 Report is the first in SonicWall’s history to focus on protection outcomes and not solely attack statistics. During its development, the company identified seven recurring patterns – the so-called Seven Deadly Sins – that make the difference between resisting or succumbing to attacks on SMEs.

The seven deadly sins of cybersecurity

Rather than attributing the risk to exotic or advanced attacks, the report points to seven recurring operational failures that remain largely avoidable:

  1. Ignoring the basics — Weak authentication, lack of patching, and excessive privileges facilitate numerous attacks.
  2. False trust — Thinking that a company is too small to be attacked creates dangerous blind spots.
  3. Excessive access — Permissive configurations allow attackers to expand the reach of their attacks within the network.
  4. Reactive security — Without continuous monitoring, attacks proceed undetected for long periods (up to 181 days on average).
  5. Cost-based decisions — Delaying investments exposes companies to attacks whose economic impact can be much greater.
  6. Outdated access models — Technologies like traditional VPNs remain a common gateway for attacks.
  7. Prioritize fashion over execution — Incomplete implementations leave organizations vulnerable to new attacks.

“The most affected organizations fail not because they are the target of complex attacks, but because of avoidable errors,” adds Crean. “Protecting SMEs against these attacks is key, since they represent the basis of the business fabric and employment.”

The volume of intrusion attempts detected by IPS has more than doubled year-on-year

In line with its commitment to partners, SonicWall has designed this report to help MSPs and MSSPs translate technical information about attacks into understandable and actionable business risks for those responsible for SMBs.

The Cyber ​​Protect 2026 Report makes it clear that the difference between being protected or exposed to attacks does not depend solely on technology, but on its correct execution. The goal is to help organizations close that gap through data, strategic clarity, and an effective attack roadmap.

Alex Chen
Alex Chen

Alex Chen serves as the chief editor of Asia Tech Journal, bringing over a decade of experience in technology journalism. Previously writing for several globally renowned publications, Alex is celebrated for his insightful analyses and in-depth reporting on tech trends across Asia. Passionate about innovation, Alex specializes in the dynamic technology ecosystem of China and its global impacts.