Darktrace has unveiled its 2025 State of AI Cybersecurity report. The findings reveal that 78% of Chief Information Security Officers (CISOs) surveyed say that AI-powered threats are having a significant impact on their organizations, a 5% increase1 from 2024. While an increasing number of CISOs report feeling a significant impact from AI threats, more than 60% now say that they are adequately prepared to defend against these threats, an increase of nearly 15% year-over-year. However, insufficient AI knowledge and skills and a shortage of personnel and talent continue to be listed as the two top inhibitors to a successful defense.
“The impact of AI on cybersecurity is clear and increasing. There are more employees and enterprise applications using AI that must be protected. Adversaries are using it to make their attacks more targeted, scalable, and successful. All of this is unfolding in a highly volatile geopolitical environment that is creating more uncertainty,” said Jill Popelka, CEO, Darktrace. “There has never been a more urgent need for AI in the SOC to augment teams and pre-empt threats so organizations can build their cyber resilience. That’s why Darktrace continues to invest in new innovations to help customers manage risk and thrive in this new era of AI threats.”
The second annual report surveyed over 1,500 cybersecurity professionals holding roles ranging from CISO to IT security managers, IT security analysts and incident responders, across 14 different countries.
Key findings from the report include:
- The increasing impact of AI-powered threats: This year, 78% of CISOs surveyed agreed that AI-powered cyber threats are having a significant impact on their organization, up 5% from 2024. AI combined with the increase of cybercrime-as-a-service and automation is increasing the sophistication and diversity of attack techniques faster than ever – from AI-enhanced phishing campaigns to evolving ransomware strains.
- A gap between confidence in AI and comprehension of how it can be best deployed: 95% of all cybersecurity professionals surveyed believe AI can improve the speed and efficiency of their ability to prevent, detect, respond and recover from threats, but significant knowledge gaps persist. Only 42% reported that they fully understand the types of AI in their current security stack. The gap increases across different roles, with 60% of CISOs reporting they know exactly what AI types are used versus 10% of IT security analysts/operators and 14% of IT security administrators. Moreover, two of the top three inhibitors reported to defending against AI-powered threats include insufficient knowledge or use of AI-driven countermeasures and insufficient knowledge/skills pertaining to AI technology.
- Teams are turning to AI to navigate talent and skills shortages: Despite respondents citing insufficient personnel to manage tools and alerts as the greatest inhibitor to defending against AI-powered threats, only 11% reported that they plan to increase cybersecurity staff in 2025, down from last year. AI is seen by this group as essential to augment human team members, with 64% reporting that they plan to add AI-powered solutions to their security stack in the next year and 88% reporting that the use of AI is critical to free up time for security teams to become more proactive.
- Managing risk is a priority, but more action is needed: 95% of all respondents report that their organization is either currently discussing (50%) or has already implemented (45%) a formal policy for safe and secure use of AI. This varies regionally and by industry. 52% of organizations in North America and 43% of organizations in EMEA report having a formal policy in place. Organizations in the financial services, retail and technology sectors globally report the highest level of policies currently in place. At the same time, only 45% of respondents report that they have a formal AI oversight and governance function and only 37% report that they regularly monitor or audit AI usage and outputs.
- Data privacy and a platform approach are top priorities: When asked about their cybersecurity technology preferences, respondents highlighted the importance of data privacy and a platform approach. Notably, 84% reported that they prefer solutions that don’t require external data sharing and 87% indicated they prefer a platform approach over implementing a collection of point solutions.
- Cloud and network security seen as key areas for future impact of AI: When asked to look ahead at the future impact of AI in cyber defense, cloud security (66%) and network security (55%) are identified as two domains where cybersecurity professionals expect defensive AI to have the biggest impact.
“The integrity and reliability of IT systems are under increasing pressure as adversaries harness Generative AI to amplify their attacks. The rapid evolution of AI-powered threats is forcing security teams to rethink their defensive strategies, as traditional cybersecurity measures can no longer match the speed, scale, and sophistication of modern attacks,” said Jon Mendoza, CISO of Technologent, a global provider of IT solutions and services for Fortune 1000 companies. “To stay ahead, organizations must integrate AI-driven security solutions that not only detect and respond to threats but proactively anticipate them. True resilience comes not just from deploying AI but from empowering security teams with the knowledge and tools to wield it effectively. A security platform built on actionable-intelligence and hyper-automation is essential to containing threats and minimizing the blast radius of attacks. In today’s ever-evolving threat landscape, AI isn’t just an advantage—it’s a fundamental necessity.”
Since 2013, Darktrace has applied AI to help organizations build a more proactive and resilient defense against sophisticated and evolving threats. Darktrace takes a multi-layered approach to AI that combines multiple machine learning techniques to create the AI engine that powers the Darktrace ActiveAI Security Platform. The platform provides comprehensive multi-domain detection across network, cloud, email, applications, identities and operational technology – as well as precise autonomous response to known and novel threats often missed by traditional tools. Applied directly to each organization’s digital environment, Darktrace’s AI continuously ingests data and learns in real-time to form an understanding of the normal behavior of each environment, right down to the granular details of specific users and devices.
Darktrace’s AI is used by nearly 10,000 organizations globally to transform security operations by providing unprecedented visibility, automate investigations to save hundreds of hours of time, and free up security teams to focus on more proactive work.
