Report: 78 Percent of CISOs Seeing Significant Impact from AI-Powered Cyber Threats

Darktrace recently unveiled its 2025 State of AI Cybersecurity report. The findings reveal that 78% of Chief Information Security Officers (CISOs) surveyed say that AI-powered threats are having a significant impact on their organizations, a 5% increase1 from 2024. While an increasing number of CISOs report feeling a significant impact from AI threats, more than 60% now say that they are adequately prepared to defend against these threats, an increase of nearly 15% year-over-year. However, insufficient AI knowledge and skills and a shortage of personnel and talent continue to be listed as the two top inhibitors to a successful defense.

"The impact of AI on cybersecurity is clear and increasing. There are more employees and enterprise applications using AI that must be protected. Adversaries are using it to make their attacks more targeted, scalable, and successful. All of this is unfolding in a highly volatile geopolitical environment that is creating more uncertainty," said Jill Popelka, CEO, Darktrace. "There has never been a more urgent need for AI in the SOC to augment teams and pre-empt threats so organizations can build their cyber resilience. That's why Darktrace continues to invest in new innovations to help customers manage risk and thrive in this new era of AI threats."

The second annual report surveyed over 1,500 cybersecurity professionals holding roles ranging from CISO to IT security managers, IT security analysts and incident responders, across 14 different countries.

Key findings from the report include:

  • The increasing impact of AI-powered threats: This year, 78% of CISOs surveyed agreed that AI-powered cyber threats are having a significant impact on their organization, up 5% from 2024. AI combined with the increase of cybercrime-as-a-service and automation is increasing the sophistication and diversity of attack techniques faster than ever – from AI-enhanced phishing campaigns to evolving ransomware strains.
  • A gap between confidence in AI and comprehension of how it can be best deployed: 95% of all cybersecurity professionals surveyed believe AI can improve the speed and efficiency of their ability to prevent, detect, respond and recover from threats, but significant knowledge gaps persist. Only 42% reported that they fully understand the types of AI in their current security stack. The gap increases across different roles, with 60% of CISOs reporting they know exactly what AI types are used versus 10% of IT security analysts/operators and 14% of IT security administrators. Moreover, two of the top three inhibitors reported to defending against AI-powered threats include insufficient knowledge or use of AI-driven countermeasures and insufficient knowledge/skills pertaining to AI technology.
  • Teams are turning to AI to navigate talent and skills shortages: Despite respondents citing insufficient personnel to manage tools and alerts as the greatest inhibitor to defending against AI-powered threats, only 11% reported that they plan to increase cybersecurity staff in 2025, down from last year. AI is seen by this group as essential to augment human team members, with 64% reporting that they plan to add AI-powered solutions to their security stack in the next year and 88% reporting that the use of AI is critical to free up time for security teams to become more proactive.
  • Managing risk is a priority, but more action is needed: 95% of all respondents report that their organization is either currently discussing (50%) or has already implemented (45%) a formal policy for safe and secure use of AI. This varies regionally and by industry. 52% of organizations in North America and 43% of organizations in EMEA report having a formal policy in place. Organizations in the financial services, retail and technology sectors globally report the highest level of policies currently in place. At the same time, only 45% of respondents report that they have a formal AI oversight and governance function and only 37% report that they regularly monitor or audit AI usage and outputs.
  • Data privacy and a platform approach are top priorities: When asked about their cybersecurity technology preferences, respondents highlighted the importance of data privacy and a platform approach. Notably, 84% reported that they prefer solutions that don't require external data sharing and 87% indicated they prefer a platform approach over implementing a collection of point solutions.
  • Cloud and network security seen as key areas for future impact of AI: When asked to look ahead at the future impact of AI in cyber defense, cloud security (66%) and network security (55%) are identified as two domains where cybersecurity professionals expect defensive AI to have the biggest impact.

"The integrity and reliability of IT systems are under increasing pressure as adversaries harness Generative AI to amplify their attacks. The rapid evolution of AI-powered threats is forcing security teams to rethink their defensive strategies, as traditional cybersecurity measures can no longer match the speed, scale, and sophistication of modern attacks,” said Jon Mendoza, CISO of Technologent, a global provider of IT solutions and services for Fortune 1000 companies. “To stay ahead, organizations must integrate AI-driven security solutions that not only detect and respond to threats but proactively anticipate them. True resilience comes not just from deploying AI but from empowering security teams with the knowledge and tools to wield it effectively. A security platform built on actionable-intelligence and hyper-automation is essential to containing threats and minimizing the blast radius of attacks. In today’s ever-evolving threat landscape, AI isn’t just an advantage—it’s a fundamental necessity."

Featured

  • Mall of America Deploys AI-Powered Analytics to Enhance Parking Intelligence

    Mall of America®, the largest shopping and entertainment complex in North America, announced an expansion of its ongoing partnership with Axis Communications to deploy cutting-edge car-counting video analytics across more than a dozen locations. With this expansion, Mall of America (MOA) has boosted operational efficiency, improved safety and security, and enabled more informed decision-making around employee scheduling and streamlining transportation for large events. Read Now

  • Security Industry Association Launches New “askSIA” AI Tool

    The Security Industry Association (SIA) has unveiled a brand-new SIA member benefit – askSIA, a conversational AI agent designed to help users get the most out of their SIA membership, easily access SIA resources and find the latest information on SIA’s training and courses, reports and publications, events, certification offerings and more. SIA members can easily find askSIA by visiting the SIA homepage or looking for the askSIA icon in the top left of webpages. Read Now

    • Industry Events
  • Industry Embraces Mobile Access, Biometrics and AI

    A combination of evolving workplace dynamics, technology innovation and new user expectations is changing how people enter and interact with physical spaces. Access control is at the heart of these changes. Combined with biometrics and AI, mobile access control has become increasingly crucial for deploying entry solutions that are seamless, secure and adaptive to user needs. Read Now

  • Sustainable Video Solution Delivered for Landmark City of London Office Development

    An advanced, end-to-end video solution from IDIS, with a focus on reducing waste and costs, has helped a major office development in the City of London align its security with sustainability objectives. Read Now

  • DHS to End ‘Shoes-Off’ Travel Policy

    Homeland Security Secretary Kristi Noem announced a new policy today which will allow passengers traveling through domestic airports to keep their shoes on while passing through security screening at TSA checkpoints. Read Now

New Products

  • FEP GameChanger

    FEP GameChanger

    Paige Datacom Solutions Introduces Important and Innovative Cabling Products GameChanger Cable, a proven and patented solution that significantly exceeds the reach of traditional category cable will now have a FEP/FEP construction.

  • Compact IP Video Intercom

    Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis.

  • PE80 Series

    PE80 Series by SARGENT / ED4000/PED5000 Series by Corbin Russwin

    ASSA ABLOY, a global leader in access solutions, has announced the launch of two next generation exit devices from long-standing leaders in the premium exit device market: the PE80 Series by SARGENT and the PED4000/PED5000 Series by Corbin Russwin. These new exit devices boast industry-first features that are specifically designed to provide enhanced safety, security and convenience, setting new standards for exit solutions. The SARGENT PE80 and Corbin Russwin PED4000/PED5000 Series exit devices are engineered to meet the ever-evolving needs of modern buildings. Featuring the high strength, security and durability that ASSA ABLOY is known for, the new exit devices deliver several innovative, industry-first features in addition to elegant design finishes for every opening.