The State of AI Cybersecurity 2025

Only 42% of cybersecurity professionals reported that they fully understand the types of AI in their current security stack.

66% of cybersecurity professionals identified cloud security as a domain where cybersecurity professionals expect defensive AI to have the biggest impact in the future.

52% of organisations in North America and 43% of organisations in EMEA report having a formal policy for safe and secure use of AI in place.

78% of Chief Information Security Officers (CISOs) globally are seeing a significant impact from AI-powered cyber threats. This is up 5% from last year.

Only 37% of cybersecurity professionals report that they regularly monitor or audit AI usage and outputs.

Only 11% of cybersecurity professionals reported that they plan to increase cybersecurity staff in 2025, down from last year.

84% of cybersecurity professionals reported that they prefer solutions that don't require external data sharing.

60% of CISOs reported they know exactly what AI types are used versus 10% of IT security analysts/operators and 14% of IT security administrators.

87% of cybersecurity professionals indicated they prefer a platform approach over implementing a collection of point solutions.

87% of cybersecurity professionals favour solutions that free up security teams to focus on proactive risk management.

In December 2023, 58% of cybersecurity professionals listed ‘adding AI-powered security tools to supplement existing solutions’ as a top priority for their teams.

56% of cybersecurity professionals admitted they do not fully understand the AI techniques used in their existing security stack

60% of CISOs now feel prepared to defend against AI-powered cyber threats, an increase of 15% from 2024.

At the end of 2023, over half of cybersecurity professionals (60%) reported feeling unprepared for the reality of AI-augmented cyber threats. Twelve months later, by the end of 2024, that number of cybersecurity professionals feeling unprepared had dropped to 45%.

Only 45% of cybersecurity professionals report that they have a formal AI oversight and governance function.

88% of cybersecurity professionals reported that the use of AI is critical to free up time for security teams to become more proactive.

95% of cybersecurity professionals report that their organisation is either currently discussing (50%) or has already implemented (45%) a formal policy for safe and secure use of AI.

64% of cybersecurity professionals reported that they plan to add AI-powered solutions to their security stack in the next year.

55% of cybersecurity professionals identified network security as a domain where cybersecurity professionals expect defensive AI to have the biggest impact in the future.

Among CISOs, only 8% listed ‘increasing security staff’ as a top priority.

95% of all cybersecurity professionals surveyed believe AI can improve the speed and efficiency of their ability to prevent, detect, respond and recover from threats.