Cisco Study Reveals Alarming Deficiencies in Security Readiness

Rhea-AI Summary

Cisco's (CSCO) 2025 Cybersecurity Readiness Index reveals only 4% of organizations globally have achieved 'Mature' cybersecurity readiness, a slight increase from 3% last year. The study, based on a survey of 8,000 security leaders across 30 markets, shows 86% of organizations experienced AI-related security incidents in the past year. Key findings include: 49% of organizations suffered cyberattacks, while 71% expect business disruptions from cyber incidents within 24 months. Despite these threats, only 45% of organizations allocate more than 10% of their IT budget to cybersecurity, an 8% decrease year-over-year. The report highlights critical challenges including widespread GenAI adoption risks, with 51% using approved tools but 22% having unrestricted access, and a significant 86% of organizations facing skilled cybersecurity talent shortages.

Positive

• 89% of organizations use AI for better threat understanding, with 85% using it for threat detection
• 96% of organizations plan to upgrade their IT infrastructure
• 51% of employees use approved third-party GenAI tools
• Slight improvement in mature-level cybersecurity readiness from 3% to 4% year-over-year

Negative

• 86% of organizations experienced AI-related security incidents in the past year
• Only 4% of organizations have achieved mature cybersecurity readiness
• 8% year-over-year decrease in organizations allocating more than 10% of IT budget to cybersecurity
• 86% of organizations face skilled cybersecurity talent shortages
• 77% report complex security infrastructures impeding threat response
• 60% lack confidence in detecting unregulated AI deployments
• 84% face increased security risks from unmanaged devices in hybrid work models

News Market Reaction

+0.59%

1 alert

+0.59% News Effect

On the day this news was published, CSCO gained 0.59%, reflecting a mild positive market reaction.

Data tracked by StockTitan Argus on the day of publication.

News Summary:

• Cybersecurity readiness remains alarmingly low as only 4% of organizations worldwide have achieved a mature level of readiness.
• Organizations continue to struggle with the complexities introduced by AI, with 86% having experienced AI-related security incidents in the last year.
• The ongoing shortage of skilled cybersecurity professionals remains a challenge for 86% of organizations.

SAN JOSE, Calif., May 7, 2025 /PRNewswire/ -- According to Cisco's (NASDAQ: CSCO) 2025 Cybersecurity Readiness Index, only 4% of organizations worldwide have achieved the 'Mature' level of readiness required to effectively withstand today's cybersecurity threats.  This is a slight increase from last year's Index, in which 3% of organizations worldwide were designated as Mature. This demonstrates that despite a slight improvement from last year, global cybersecurity preparedness remains low as hyperconnectivity and AI introduce new complexities for security practitioners.

AI is revolutionizing security and escalating threat levels, with nearly 9 in 10 organizations (86%) facing AI-related security incidents last year. However, only 49% of respondents are confident their employees fully understand AI related threats, and 48% believe their teams fully grasp how malicious actors are using AI to execute sophisticated attacks. This awareness gap leaves organizations critically exposed.

AI is compounding an already challenging threat landscape. In the last year, nearly half of organizations (49%) suffered cyberattacks, hindered by complex security frameworks with disparate point solutions. Looking forward, respondents view external threats like malicious actors and state-affiliated groups (58%) as more significant to their organizations than internal threats (42%), underscoring the urgent need for streamlined defense strategies to thwart external attacks.

"As AI transforms the enterprise, we are dealing with an entirely new class of risks at unprecedented scale - putting even more pressure on our infrastructure and those who defend it," said Cisco Chief Product Officer Jeetu Patel. "This year's report continues to reveal alarming gaps in security readiness and a lack of urgency to address them. Organizations must rethink their strategies now or risk becoming irrelevant in the AI era."

2025 Cisco Cybersecurity Readiness Index: Cybersecurity Readiness Remains Flat as AI Transforms the Industry

The Index evaluates companies' readiness across five pillars—Identity Intelligence, Network Resilience, Machine Trustworthiness, Cloud Reinforcement, and AI Fortification— and encompassing 31 solutions and capabilities. Based on a double-blind survey of 8,000 private sector security and business leaders in 30 global markets, respondents detailed their deployment stages for each solution. Companies were then categorized into four readiness stages: Beginner, Formative, Progressive, and Mature.

Findings

The lack of cybersecurity readiness globally is alarming as 71% of respondents anticipate business disruptions from cyber incidents within the next 12 to 24 months. Further:

• AI's Expanding Role in Cybersecurity: An impressive 89% of organizations use AI to understand threats better, 85% for threat detection, and 70% for response and recovery, underscoring AI's vital role in strengthening cybersecurity strategies.
• GenAI Deployment Risks: GenAI tools are widely adopted, with 51% of employees using approved third-party tools. However, 22% have unrestricted access to public GenAI, and 60% of IT teams are unaware of employee interactions with GenAI, underscoring major oversight challenges.
• Shadow AI Concerns: Sixty percent of organizations lack confidence in detecting unregulated AI deployments, or shadow AI, posing significant cybersecurity and data privacy risks.
• Unmanaged Device Vulnerability: Within hybrid work models, 84% of organizations face increased security risks as employees access networks from unmanaged devices, further exacerbated by using unapproved Gen AI tools.
• Investment Priorities Shift: While 96% of organizations plan to upgrade their IT infrastructure, only 45% allocate more than 10% of their IT budget to cybersecurity (down 8% year-over-year), emphasizing a critical need for more focused investment in comprehensive defense strategies, which is incredibly important as threats are not slowing.
• Complex Security Postures: Over 77% of organizations report that their complex security infrastructures, dominated by the deployment of more than ten point security solutions, are impeding their ability to respond swiftly and effectively to threats.
• Talent Shortage Impedes Progress: A staggering 86% of respondents identify the shortage of skilled cybersecurity professionals as a major challenge, with more than half reporting more than ten positions to fill.

To tackle today's cybersecurity challenges, organizations must invest in AI-driven solutions, simplify security infrastructures, and enhance AI threat awareness. Prioritizing AI for threat detection, response, and recovery is essential, as is addressing talent shortages and managing risks from unmanaged devices and shadow AI.

Additional Resources:

• Microsite
• Cybersecurity Readiness Assessment Tool

About Cisco
Cisco (NASDAQ: CSCO) is the worldwide technology leader that is revolutionizing the way organizations connect and protect in the AI era. For more than 40 years, Cisco has securely connected the world. With its industry leading AI-powered solutions and services, Cisco enables its customers, partners and communities to unlock innovation, enhance productivity and strengthen digital resilience.  With purpose at its core, Cisco remains committed to creating a more connected and inclusive future for all. Discover more on The Newsroom and follow us on X at @Cisco.

Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at http://www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word 'partner' does not imply a partnership relationship between Cisco and any other company.

View original content to download multimedia:https://www.prnewswire.com/news-releases/cisco-study-reveals-alarming-deficiencies-in-security-readiness-302447554.html

SOURCE Cisco Systems, Inc.

FAQ

What percentage of organizations have achieved mature cybersecurity readiness according to Cisco's 2025 study?

According to Cisco's 2025 Cybersecurity Readiness Index, only 4% of organizations worldwide have achieved the 'Mature' level of cybersecurity readiness, up slightly from 3% the previous year.

How many organizations experienced AI-related security incidents in 2024-2025 according to CSCO's report?

According to Cisco's study, 86% of organizations faced AI-related security incidents in the past year.

What percentage of companies allocate significant cybersecurity budget in 2025?

Only 45% of organizations allocate more than 10% of their IT budget to cybersecurity, representing an 8% decrease year-over-year.

What are the main cybersecurity challenges identified in Cisco's 2025 report?

The main challenges include: 86% facing skilled cybersecurity talent shortages, 77% struggling with complex security infrastructures, 84% experiencing risks from unmanaged devices, and 60% lacking confidence in detecting unregulated AI deployments.

How many organizations expect cyber incidents to disrupt business by 2027?

71% of respondents anticipate business disruptions from cyber incidents within the next 12 to 24 months.