I analyzed 80 cybersecurity incident disclosures from SEC filings (primarily 8-K) and tagged them using a structured taxonomy of threat types (ransomware, data theft, insider, supply chain, etc.).

The goal was to see whether consistent patterns emerge from public incident reporting.

Key observations:

• ~72% of companies report significant operational disruption or incomplete recovery
• 50% of incidents involve data theft or data exposure
• Financial services is the most represented sector in disclosed incidents
• Only ~18% explicitly mention cyber insurance

Full dataset and breakdown:
[https://www.dukesecurity.ai/incidents]()

Feel free to browse and explore additional incidents in the dataset.