Global Survey Finds Cyber Incidents Cost Organizations $3.7M on Average in the Past Year

Rhea-AI Summary

Zscaler (NYSE:ZS)-linked Red Canary released its 2025 Security Operations Trends Report on Oct. 23, 2025, based on a 550‑leader survey across the US, UK, Australia/New Zealand and Nordics. Key findings: organizations report an average cyber incident cost of $3.7M and 46% experienced outages from attacks. Budgets are rising—80% of security leaders say they are spending more—yet the attack surface grew 41% and 73% say detection‑to‑resolution times have increased. Skills gaps (intrusion detection 75%, incident response 72%) and mixed AI impacts (AI in use, but 43% saw AI‑related incidents) are highlighted.

Positive

• Average incident cost is $3.7M per organization
• 46% of organizations suffered outages or disruptions
• 80% of security leaders report increased security spending
• Attack surface expansion measured at 41% year‑over‑year
• 65% use AI for detection analytics in security operations

Negative

• 73% report longer detection‑to‑resolution timeframes
• 75% have skills shortages in intrusion detection
• 72% have incident response skills shortages
• 43% experienced incidents related to their own AI tools
• Concerns that AI could reduce independent problem‑solving for 75% of leaders

Red Canary report shows security leaders face rising pressure to combat threats and secure complex technology stacks despite increased investments

Key findings:

• Budgets rise, but challenges remain: 80% of security leaders say they're spending more than ever on security – yet breaches and threats keep growing.
• Detection delays widen the risk window: Security teams are struggling to keep up as the attack surface has widened by 41% in the past 12 months, while 73% of security leaders say the time from detecting an attack to resolution has increased.
• Safeguarding identities is a must: 83% of security leaders say today's attackers don't break in – they log in, and they're harder to stop than ever. Identity and access management isn't enough.
• Skills shortage continues: 75% of organizations have skills shortages around intrusion detection and 72% around incident response.

DENVER, Oct. 23, 2025 /PRNewswire/ -- Red Canary, a Zscaler company, today released its annual Security Operations Trends Report, providing insights into the critical challenges facing cybersecurity teams in 2025. Partnering with independent research company Coleman Parkes, Red Canary surveyed 550 security leaders from the US, UK, New Zealand, Australia, and Nordics. The survey shows that security operations center (SOC) teams continue to struggle with the challenges of securing cloud environments, identities, and AI technologies amid evolving threats, amplifying the risk and business impact of cyberattacks. Over the past year, security leaders estimate that, on average, cyber incidents cost their organization $3.7 million, with 46% suffering from an outage or disruption to their services as a consequence of attacks.

"CISOs, like their peers in lines of business, know they need to augment their teams with AI and automation, but finding security products and services that deliver actual value is hard amidst all the hype and empty marketing," said Brian Beyer, Co-founder of Red Canary. "They need to go all in on expert-supervised AI agents that support security analysts in threat detection, investigation, and response, with the focus on proven solutions powered by LLMs trained on real-world data to deliver unmatched speed and accuracy – not just the latest shiny tool or a legacy vendor repackaging itself as AI."

The role of AI in shaping future defense

AI is no longer an emerging technology – it's already become integral to security operations. In fact, 85% of security leaders say the real risk is being overwhelmed by the thousand missed threats that will get through if they don't automate more. However, security leaders are also weighing its advantages against the risks, citing the rise of AI-generated attacks that haven't been seen before as their top concern.

Further findings include:

• AI fears are exaggerated, but risks are real: 78% of security leaders say the talk of AI releasing a tidal wave of novel attacks is fear mongering, but 43% have already experienced an incident relating to their own AI tools.
• AI is already at work: Top AI use cases in security operations today include detection analytics (65%), intrusion detection (59%), and SIEM management (54%).
• Caution for the future: 75% of security leaders worry that while AI helps security teams work faster, it could ultimately reduce their ability to solve problems independently.

"AI is already transforming how security teams operate," said Beyer. "SOC teams are under immense pressure, and AI is giving security analysts the ability to cut through noise and respond to threats faster. AI works best as a force multiplier, augmenting human judgment rather than replacing it. The organizations that lean into this shift now will not only ease the strain on security analysts, but put themselves in the best position to anticipate emerging threats and stay ahead of disruption in an increasingly unpredictable environment."

Methodology

This research was conducted by Coleman Parkes as an online survey of individuals with decision-making responsibility for data tooling for cybersecurity solutions. Coleman Parkes surveyed 300 respondents in the US, 100 in the UK, 100 in Australia and New Zealand, and 50 in the Nordics from a cross-section of organizations with more than 1,000 employees.

About Red Canary, a Zscaler company
Red Canary is a leader in managed detection and response (MDR). We serve companies of every size and industry, focusing on finding and stopping threats before they can have a negative impact. As the security ally for nearly 1,000 organizations, we provide MDR across our customers' cloud workloads, identities, SaaS applications, networks, and endpoints. For more information about Red Canary, visit: https://www.redcanary.com.

About Zscaler
Zscaler (NASDAQ: ZS) accelerates digital transformation so customers can be more agile, efficient, resilient, and secure. The Zscaler Zero Trust Exchange™ platform protects thousands of customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location. Distributed across 160+ data centers globally, the SASE-based Zero Trust Exchange™ is the world's largest in-line cloud security platform.

View original content to download multimedia:https://www.prnewswire.com/news-releases/global-survey-finds-cyber-incidents-cost-organizations-3-7m-on-average-in-the-past-year-302592270.html

SOURCE Red Canary

FAQ

What did the Red Canary report say about cyber incident costs for ZS stakeholders on Oct. 23, 2025?

Surveyed security leaders reported an average cost of $3.7M per cyber incident for their organizations.

How widespread were service outages from attacks in the Oct. 23, 2025 report (ZS)?

46% of surveyed organizations said they experienced an outage or disruption due to cyberattacks.

What workforce gaps did the Oct. 23, 2025 Red Canary survey highlight for ZS investors?

The survey found skills shortages of 75% for intrusion detection and 72% for incident response.

How is AI being used in security operations according to the Oct. 23, 2025 report tied to ZS?

Top AI use cases reported: 65% detection analytics, 59% intrusion detection, and 54% SIEM management.

Does the Oct. 23, 2025 survey suggest security budgets are increasing for companies relevant to ZS?

Yes—80% of security leaders said they are spending more on security than before.