News Summary:
- AI is fueling a new cybersecurity arms race: 80 per cent of Canadian organizations experienced AI-related incidents last year.
- Readiness remains low: Just three per cent of organizations report having a mature level of readiness.
- Blind spots persist: Only 41 per cent of organizations have staff with a strong understanding of AI risks — and many key cybersecurity roles remain unfilled.
TORONTO, May 8, 2025 /CNW/ - Only three per cent of Canadian organizations are fully prepared to defend against today's cybersecurity threats, according to Cisco's (NASDAQ: CSCO) 2025 Cybersecurity Readiness Index. While this marks a slight improvement from last year (1%), readiness remains alarmingly low as hyperconnectivity and AI continue to add new layers of security complexities.
AI is revolutionizing security and escalating threat levels, with 80 per cent of Canadian organizations facing AI-related incidents in the past year. Among them, the most common were AI-powered phishing scams and social engineering attacks (41%), where GenAI tools are used to craft tailored phishing emails, clone voices and create deepfakes. Others faced attempts to steal or misuse AI models (38%), or had their systems tampered with using bad data to trick AI decision-making (22%).
As pressure to adopt AI mounts, a critical knowledge gap is emerging inside organizations leaving them exposed. Only 41 per cent of Canadian organizations are confident their employees fully understand AI-related threats. Even fewer (26%) feel equipped to conduct comprehensive AI security assessments.
AI is compounding an already challenging threat landscape. In the last year, 37 per cent organizations suffered cyberattacks, hindered by complex security frameworks with disparate point solutions. Looking forward, respondents view external threats like malicious actors and state-affiliated groups (60%) as more significant to their organizations than internal threats (40%), underscoring the urgent need for streamlined defense strategies to thwart external attacks.
"As AI transforms the enterprise, we are dealing with an entirely new class of risks at unprecedented scale - putting even more pressure on our infrastructure and those who defend it," said Cisco Chief Product Officer Jeetu Patel. "This year's report continues to reveal alarming gaps in security readiness and a lack of urgency to address them. Organizations must rethink their strategies now or risk becoming irrelevant in the AI era."
2025 Cisco Cybersecurity Readiness Index: Cybersecurity Readiness Remains Flat as AI Transforms the Industry
The Index evaluates companies' readiness across five pillars — Identity Intelligence, Machine Trustworthiness, Network Resilience, Cloud Reinforcement, and AI Fortification — and encompasses 31 solutions and capabilities. Based on a double-blind survey of 8,000 private sector security and business leaders in 30 global markets, respondents detailed their deployment stages for each solution. Companies were then categorized into four readiness stages: Beginner, Formative, Progressive, and Mature.
Findings
The lack of cybersecurity readiness globally is alarming as 65 per cent of respondents anticipate business disruptions from cyber incidents within the next 12 to 24 months. Further:
- AI's Expanding Role in Cybersecurity: An impressive 82 per cent of organizations use AI to understand threats better, 80 per cent for threat detection, 66 per cent for response and recovery, underscoring AI's vital role in strengthening cybersecurity strategies.
- GenAI Deployment Risks: GenAI tools are widely adopted, with 50 per cent of employees using approved third-party tools. However, 17 per cent have unrestricted access to public GenAI, and 72 per cent of IT teams are unaware of employee interactions with GenAI, underscoring major oversight challenges.
- Shadow AI Concerns: Sixty-seven percent of organizations lack confidence in detecting unregulated AI deployments, or shadow AI, posing significant cybersecurity and data privacy risks.
- Unmanaged Device Vulnerability: Within hybrid work models, 74 per cent of organizations face increased security risks as employees access networks from unmanaged devices, further exacerbated by using unapproved Gen AI tools.
- Investment Priorities Shift: While 94 per cent of organizations plan to upgrade their IT infrastructure, only 33 per cent allocate more than 10 per cent of their IT budget towards cybersecurity, emphasizing a critical need for more focused investment in comprehensive defense strategies, which is incredibly important as threats are not slowing.
- Complex Security Postures: Over 67 per cent of organizations believe that the adoption of too many security solutions has in fact slowed down their team's ability to detect, respond and recover from incidents, with over 60 per cent of organizations having 10 or more point solutions in their security stack.
- Talent Shortage Impedes Progress: A staggering 85 per cent of respondents identify the shortage of skilled cybersecurity professionals as a major challenge, with 46 per cent reporting more than ten positions to fill.
"AI has pulled back the curtain on cybersecurity blind spots that many Canadian organizations didn't realize existed," said Robert Barton, Chief Technology Officer, Cisco Canada. "As AI-driven threats evolve, so too must our defenses. It's no longer about keeping pace, it's about setting the pace for security resilience."
To tackle today's cybersecurity challenges, organizations must invest in AI-driven solutions, simplify security infrastructures, and enhance AI threat awareness. Prioritizing AI for threat detection, response, and recovery is essential, as is addressing talent shortages and managing risks from unmanaged devices and shadow AI.
Additional Resources:
About Cisco
Cisco (NASDAQ: CSCO) is the worldwide technology leader that is revolutionizing the way organizations connect and protect in the AI era. For more than 40 years, Cisco has securely connected the world. With its industry leading AI-powered solutions and services, Cisco enables its customers, partners and communities to unlock innovation, enhance productivity and strengthen digital resilience. With purpose at its core, Cisco remains committed to creating a more connected and inclusive future for all. Discover more on The Newsroom and follow us on X at @Cisco.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at http://www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word 'partner' does not imply a partnership relationship between Cisco and any other company.
SOURCE Cisco
Media Contact: Samantha Campana, Communications Lead, Cisco Canada, [email protected]
Share this article