Cybersecurity readiness stays low as AI attacks increase

Only four percent of organizations worldwide have achieved the 'mature' level of readiness required to effectively withstand today's cybersecurity threats, even as hyperconnectivity and AI introduce new complexities for security practitioners.

The latest Cybersecurity Readiness Index from Cisco shows 86 percent of organizations faced AI-related security incidents last year. However, only 49 percent of respondents are confident their employees fully understand AI related threats, and 48 percent believe their teams fully grasp how malicious actors are using AI to execute sophisticated attacks.

The lack of cybersecurity readiness globally means 71 percent of respondents anticipate business disruptions from cyber incidents within the next 12 to 24 months.

AI is compounding an already challenging threat landscape. In the last year 49 percent of organizations suffered cyberattacks, hindered by complex security frameworks with disparate point solutions. Looking forward, respondents view external threats like malicious actors and state-affiliated groups (58 percent) as more significant to their organizations than internal threats (42 percent), underscoring the urgent need for streamlined defense strategies to thwart external attacks.

"As AI transforms the enterprise, we are dealing with an entirely new class of risks at unprecedented scale -- putting even more pressure on our infrastructure and those who defend it," says Cisco chief product officer Jeetu Patel. "This year's report continues to reveal alarming gaps in security readiness and a lack of urgency to address them. Organizations must rethink their strategies now or risk becoming irrelevant in the AI era."

Although AI is a concern it’s also part of the solution. An impressive 89 percent of organizations say they use AI to understand threats better, 85 percent for threat detection, and 70 percent for response and recovery, underscoring AI's vital role in strengthening cybersecurity strategies.

GenAI tools are widely adopted too, with 51 percent of employees using approved third-party tools. However, 22 percent have unrestricted access to public GenAI, and 60 percent of IT teams are unaware of employee interactions with GenAI, underscoring major oversight challenges. 60 percent of organizations say they lack confidence in detecting unregulated AI deployments, or shadow AI, posing significant cybersecurity and data privacy risks.

The skills shortage is an ongoing issue too, 86 percent of respondents identify the shortage of skilled cybersecurity professionals as a major challenge, with more than half reporting more than ten positions to fill.

The full 2025 Cybersecurity Readiness Index is available from the Cisco site.

Image credit: sdecoret/depositphotos.com