Darktrace has unveiled its 2025 State of AI Cybersecurity Report, revealing a rapidly evolving cyber threat landscape shaped by AI-powered attacks and growing gaps in AI comprehension within security teams.
The report, based on a survey of over 1,500 cybersecurity professionals across 14 countries, highlights a 5% increase in the number of CISOs reporting significant AI-driven security threats, with 78% now saying AI-powered attacks are impacting their organizations.
While AI threats are escalating, there’s also a rise in confidence among security teams—with 60% of respondents now feeling adequately prepared to combat AI-driven threats, up nearly 15% from last year.
However, a lack of AI knowledge and skills and a shortage of cybersecurity personnel remain the biggest obstacles to effective defense.
“The impact of AI on cybersecurity is clear and increasing. There are more employees and enterprise applications using AI that must be protected. Adversaries are using it to make their attacks more targeted, scalable, and successful,” said Jill Popelka, CEO of Darktrace.
“There has never been a more urgent need for AI in the SOC to augment teams and preempt threats so organizations can build their cyber resilience. That’s why Darktrace continues to invest in new innovations to help customers manage risk and thrive in this new era of AI threats.”
Key Findings from the Darktrace Report
AI-powered threats are becoming more sophisticated and widespread
78% of CISOs report a significant impact from AI-driven threats, up 5% from 2024.
Attackers are leveraging AI for highly targeted, scalable attacks, including advanced phishing campaigns and evolving ransomware techniques.
Security teams believe in AI’s potential but lack full understanding
95% of cybersecurity professionals believe AI improves security efficiency, but only 42% fully understand the AI models in their security stack.
Among CISOs, 60% say they know exactly which AI technologies they use, but this drops to just 10% among IT security analysts.
The top two barriers to effective AI-powered defense are:
Lack of AI knowledge and skills
Insufficient use of AI-driven countermeasures
AI is seen as a solution to the cybersecurity talent shortage
Only 11% of organizations planto expand their cybersecurity teams in 2025, despite growing threats.
- 64% plan to integrate AI-powered security solutions to compensate for staffing shortages.
- 88% believe AI is crucial in freeing up security teams to take on proactive threat mitigation.
AI security policies are increasing but remain inconsistent
95% of organizations are either discussing or have already implemented AI security policies.
However, only 45% have a dedicated AI governance function, and just 37% regularly monitor AI usage and outputs.
Data privacy and a platform approach are top priorities
- 84% prefer security solutions that do not require external data sharing.
- 87% favor a comprehensive security platform over multiple standalone solutions.
Cloud and network security seen as AI’s next frontier
- 66% of cybersecurity professionals see cloud security as the area where AI will have the biggest impact.
- 55% highlight network security as another key domain for AI-driven defense.
“The integrity and reliability of IT systems are under increasing pressure as adversaries harness generative AI to amplify their attacks,” said Jon Mendoza, CISO of Technologent. “The rapid evolution of AI-powered threats is forcing security teams to rethink their defensive strategies, as traditional cybersecurity measures can no longer match the speed, scale, and sophistication of modern attacks.”
Mendoza emphasized that AI-powered security solutions must go beyond detection and response, proactively anticipating and neutralizing threats before they escalate.
AI-Powered Cybersecurity Is No Longer Optional
The AI-driven cyber arms race is escalating at an unprecedented pace, and organizations must prioritize AI-enhanced security strategies to keep up.
While more companies are embracing AI-powered cybersecurity, the gap between AI confidence and comprehension remains a pressing challenge. Bridging this gap—through AI training, strategic implementation, and governance—will be key to strengthening cyber resilience in the AI era.
