Majority of Businesses Unprepared for AI-Powered Cyberattacks, Cisco Warns

Cisco’s latest research reveals that most organizations are ill-equipped to handle today’s growing cyberthreats. According to the 2025 Cisco Cybersecurity Readiness Index, only 4 percent of organizations have achieved a “Mature” level of cybersecurity preparedness capable of withstanding modern cyberattacks.

Cisco’s research study is based on a survey of 8,000 private sector security and business leaders across 30 global markets. The respondents represented a diverse range of industries, such as retail, financial services, technology services, and manufacturing. This study evaluates cybersecurity readiness across the five most important pillars. These include Identity Intelligence, Network Resilience, Machine Trustworthiness, Cloud Reinforcement, and AI Fortification.

According to the report, AI is reshaping how organizations manage cybersecurity by automating threat detection, speeding up response times, and strengthening overall defenses. However, cybercriminals are also using AI to launch increasingly sophisticated attacks. In fact, 86 percent of business leaders reported experiencing AI-related security incidents in the past year.

Despite the increasing threat, only 49 percent of respondents are confident that their employees fully understand AI-related threats. Moreover, only 48 percent believe that their teams comprehend how threat actors use AI to launch sophisticated attacks.

“As AI transforms the enterprise, we are dealing with an entirely new class of risks at unprecedented scale – putting even more pressure on our infrastructure and those who defend it,” explained Cisco Chief Product Officer Jeetu Patel. “This year’s report continues to reveal alarming gaps in security readiness and a lack of urgency to address them.”

Highlights from Cisco’s 2025 Cybersecurity Readiness Index

Here are the main takeaways from Cisco’s latest Cybersecurity Readiness Index report:

• 89 percent of organizations use AI to analyze potential threats, 85 percent rely on it for detecting cyberattacks, and 70 percent use it to respond to those threats.
• 51 percent of employees use third-party AI generative tools, and 22% have unrestricted access to public generative AI solutions. However, 60 percent of IT teams are unaware of how employees interact with generative AI tools.
• 60 percent of organizations lack confidence in their ability to detect unregulated or shadow AI deployments.
• Around 84 percent of employees use unmanaged devices, and many companies struggle with visibility over AI-related activities.
• 86 percent of companies report difficulties hiring cybersecurity professionals, with nearly 40 percent calling it a significant barrier.
• Nearly all companies plan to upgrade their IT security, and 93% report budget increases of at least 10% over the past year. However, cybersecurity spending as a percentage of total IT budgets is shrinking.

Recommendations

Cisco has provided several key recommendations for organizations to strengthen their cybersecurity posture. Businesses should prioritize hiring and training cybersecurity professionals with AI expertise. Moreover, administrators should create a robust identity security strategy that incorporates passwordless/multi-factor authentication and AI-powered detections. Companies should also implement a zero-trust security model to prevent unauthorized access within enterprise networks.

Furthermore, businesses must urgently enhance their network resilience to effectively prepare for the demands and challenges posed by AI. Organizations must also transition from fragmented security strategies to a unified, proactive model enhanced by AI for effective cloud reinforcement.