Darktrace, an AI for cybersecurity provider, unveiled its 2025 State of AI Cybersecurity report. Findings revealed that 78 percent of CISOs believe AI-powered threats are having a “significant” impact on the organizations, up five percent from 2024.
While a growing number of CISOs felt impact from such threats, over 60 percent believe that they are prepared to defend against them, a 15 percent YOY increase. Insufficient AI knowledge and skills, as well as a shortage of personnel, continue to lead as top inhibitors to a successful defense.
“The impact of AI on cybersecurity is clear and increasing,” said Darktrace CEO, Jill Popelka. “There are more employees and enterprise applications using AI that must be protected. Adversaries are using it to make their attacks more targeted, scalable and successful. All of this is unfolding in a highly volatile geopolitical environment that is creating more uncertainty. There has never been a more urgent need for AI in the SOC to augment teams and pre-empt threats so organizations can build their cyber resilience. That’s why Darktrace continues to invest in new innovations to help customers manage risk and thrive in this new era of AI threats.”
The second-annual report surveyed more than 1,500 cybersecurity professionals, holding roles ranging such as CISO, ITSM, IT security analyst and incident responder across 14 countries.
Other key findings include:
- AI – combined with the increase of cybercrime-as-a-service and automation – is increasing the sophistication and diversity of attack techniques faster than ever.
- 95 percent of cybersecurity professionals believe AI can improve speed and efficiency in preventing, detecting, responding to and recovering from threats.
- 42 percent fully understand the types of AI in their current security stack, a gap that increases across different roles: CISOs (60 percent), IT secrurity analysts and operators (10 percent) and IT security admins (14 percent).
- Two of the top three inhibitors to defending against AI-powered threats include insufficient knowledge, use of AI-driven countermeasures and insufficient knowledge/skills pertaining to AI technology.
- 11 percent planning to increase cybersecurity staff in 2025, down from last year. 64 percent plan to add AI-powered solutions to their security stack in the next year, while 88 percent believe using AI is critical to freeing up time for security teams to become more proactive.
- 95 percent report that their organization is currently discussing (50 percent) or has already implemented (45 percent) a formal policy for safe and secure use of AI. This varies regionally and by industry. 52 percent of organizations in North America and 43 percent in EMEA report having a formal policy in place.
- 84 percent prefer solutions that do not require external data sharing, while 87 percent want a platform approach over implementing a collection of point solutions.
- Cloud security (66 percent) and network security (55 percent) were identified as domains where cybersecurity professionals expect defensive AI to have the biggest impact.
Since 2013, Darktrace has applied AI to help organizations build a more proactive and resilient defense against sophisticated and evolving threats. Darktrace’s AI is used by nearly 10,000 organizations globally to transform security operations by providing visibility, automating investigations and freeing security teams to focus on more proactive work.
