Cisco Study: Cybersecurity Readiness Lags as AI Threats Surge

A new global study from Cisco has revealed that just 4% of organizations are fully prepared to handle the growing complexity of modern cybersecurity threats, despite the accelerating adoption of artificial intelligence and hyperconnectivity in enterprise environments.

The 2025 Cisco Cybersecurity Readiness Index, based on a double-blind survey of 8,000 security and business leaders across 30 countries, paints a stark picture of the preparedness gap facing the private sector.

This year’s results show a modest increase from 2024, when only 3% of organizations were classified as ‘Mature’ in terms of cybersecurity readiness. However, the negligible progress underscores a persistent and systemic vulnerability in how businesses approach security in an increasingly AI-driven world.

The index evaluates organizational maturity across five critical domains: AI Fortification, Cloud Reinforcement, Machine Trustworthiness, Network Resilience, and Identity Intelligence. Despite widespread awareness of growing risks, a significant number of businesses remain in the ‘Formative’ or ‘Beginner’ stages, lacking comprehensive defense mechanisms.

According to the report, 71% of organizations anticipate experiencing a cybersecurity-related business disruption within the next 12 to 24 months. The stakes are high, with the convergence of generative AI, remote work, and distributed digital infrastructures intensifying threat complexity. Nearly half of the surveyed companies (49%) reported facing at least one cyberattack in the past year – often compounded by fragmented security architectures and scattered point solutions.

Shadow AI

Artificial intelligence is now at the center of both the problem and the solution. While 89% of businesses are leveraging AI to improve threat detection and 70% use it for incident response and recovery, the report reveals a troubling lack of AI-specific risk awareness. Just 49% of respondents believe their workforce understands the security implications of AI tools, and fewer than half (48%) feel confident their teams grasp how threat actors are exploiting AI to scale and automate attacks.

The report also highlights the proliferation of ‘shadow AI’ – unauthorized and unsupervised AI deployments – which present growing risks to data security and compliance. An estimated 60% of IT teams are unaware of how employees interact with generative AI tools, and 22% of workers reportedly have unmonitored access to public GenAI platforms. These blind spots open doors to unintended data leakage, IP loss, and privacy violations.

Hybrid work environments further amplify these concerns. With 84% of organizations citing increased risks from employees using unmanaged devices to access networks, there is a clear need for unified access controls and endpoint visibility. Yet in many cases, organizations lack a coherent strategy to manage this exposure.

Budget constraints continue to slow progress. Although nearly all companies surveyed (96%) expressed plans to modernize their IT infrastructure, fewer than half (45%) are allocating more than 10% of their IT budgets to cybersecurity – a drop of eight percentage points from last year. The shortfall comes at a time when cyber threats are expanding in sophistication and frequency, raising questions about enterprise risk prioritization.

Jeetu Patel, Cisco’s Executive Vice President and Chief Product Officer, emphasized the need for urgency: “As AI transforms the enterprise, we are dealing with an entirely new class of risks at unprecedented scale – putting even more pressure on our infrastructure and those who defend it. The serious preparedness gaps and the lack of urgency to rectify them are again evident in this year’s report. Companies risk losing their relevance in the AI age if they don’t reconsider their strategies immediately.”

Another key finding of Cisco’s cybersecurity study is the operational complexity caused by overreliance on disjointed security solutions. More than 77% of organizations report that having more than 10 separate security tools is hampering their ability to respond quickly and effectively to threats. This fragmented approach not only leads to inefficiencies but also increases the chances of misconfigurations and detection delays.

Talent Shortage in Cybersecurity

The talent shortage in cybersecurity remains a critical bottleneck. An overwhelming 86% of respondents cite a shortage of skilled professionals, and over half report having more than 10 open cybersecurity roles within their organizations. This human capital gap further exacerbates operational weaknesses, leaving enterprises exposed despite investments in security infrastructure.

In light of these findings, Cisco’s report calls for a shift toward integrated, AI-enabled security solutions and a simplification of infrastructure. Organizations are urged to focus on streamlining threat detection, fortifying their cloud environments, and improving workforce education on AI-related risks. Addressing the risks associated with shadow AI, investing in secure access solutions for remote workforces, and ensuring proper oversight of GenAI deployments are also considered essential steps.

With cyber threats evolving faster than most organizations can adapt, the 2025 Cisco Cybersecurity Readiness Index serves as both a wake-up call and a roadmap. The path forward, it suggests, lies in modernizing security strategies with intelligence, automation, and collaboration – before the next breach puts business resilience on the line.

Related

1. Study: SMBs Aware of Cyber Risks but Slow to Adopt AI Security: This article highlights that while small and medium-sized businesses (SMBs) recognize the risks of cyber threats like ransomware, they are slow to implement AI-based security measures. The report emphasizes the ongoing vulnerability of smaller teams and the need for improved AI security adoption to mitigate growing threats.
   Read more: https://HostingJournalist.com/news/study-smbs-aware-of-cyber-risks-but-slow-to-adopt-ai-security

2. Cisco Unveils AI Defense to Secure the AI Transformation of Enterprises: Cisco has launched Cisco AI Defense, a new security solution designed to protect enterprises as they adopt AI technologies. The tool addresses unique AI-related risks by providing continuous validation, access control, and threat protection for AI applications, helping organizations safely accelerate their AI transformations amidst increasing AI-driven cyber threats.
   Read more: https://HostingJournalist.com/tech-wire/cisco-unveils-ai-defense-to-secure-the-ai-transformation-of-enterprises

3. 89% of IT Leaders Concerned About GenAI’s Cybersecurity Risks: Despite widespread adoption of generative AI (GenAI) in cybersecurity, a Sophos report reveals that 89% of IT leaders worry about vulnerabilities and risks associated with GenAI tools. The article discusses the balance needed between leveraging AI for security and maintaining human oversight to prevent new attack vectors and data breaches.
   Read more: https://hostingjournalist.com/news/89-of-it-leaders-concerned-about-genai-s-cybersecurity-risks