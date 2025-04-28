Based on an independent Ponemon Institute survey, the report reveals 79% of respondents say their organization is making changes to its cybersecurity budget. Of these respondents, 71% say security budgets are increasing, with the average budget at $24 million. This correlates with the heightened volume of threat vectors, with 66% of respondents reporting cybersecurity incidents have increased significantly or increased in the past year, up from 61% in 2024.

The report also highlights a notable shift in how organizations determine their cybersecurity budgets, with 67% now using risk and threat assessments to inform budget decisions, up from 53% in 2024. This move toward data-driven decision-making comes as organizations increasingly turn to managed security service providers (MSSPs), with outsourcing to MSSPs jumping from 47% in 2024 to 58% in 2025, particularly for cloud security guidance.

"The data clearly shows a concerning trend: despite increases in cybersecurity budgets and resources, organizations continue to face more frequent attacks," said John Hurley, Optiv's chief revenue officer. "What's promising is the shift toward more strategic, data-driven approaches to budget allocation and the growing adoption of MSSPs to extend capabilities, particularly as organizations work to better understand their security vulnerabilities within the threat landscape."

Additional key findings include:

AI and Machine Learning Adoption Accelerating: Forty-six percent of respondents say their organizations use AI/ML to prevent cyberattacks, with 88% of these respondents incorporating generative AI at some level. The primary drivers for AI/ML adoption are improving operational efficiency (41%) and maintaining competitive advantage (40%).

Nearly three in four respondents (74%) identify a lack of understanding of every potential source of vulnerability as their biggest challenge to effective vulnerability management. SASE and SOAR Implementations Growing: Sixty-six percent of respondents say their organizations have fully or partially implemented Secure Access Service Edge (SASE), while 72% continue to significantly or moderately use Security Orchestration, Automation and Response (SOAR) to reduce cyber threats.

Sixty-six percent of respondents say their organizations have fully or partially implemented Secure Access Service Edge (SASE), while 72% continue to significantly or moderately use Security Orchestration, Automation and Response (SOAR) to reduce cyber threats. Effectiveness of Cybersecurity Incident Response Plans (CSIRPs): Fifty-one percent of respondents say their organizations have a CSIRP applied consistently across the entire enterprise, up from 46% in 2024. The effectiveness of CSIRPs in minimizing the consequences of cybersecurity incidents has increased from 50% of respondents in 2024 to 57% of respondents in 2025.

"Our independent research for Optiv reveals that organizations are making strategic investments in technology, processes and people to combat increasingly sophisticated threats," said Dr. Larry Ponemon, chairman and founder of the Ponemon Institute. "The growing adoption of AI, machine learning and automation technologies signals a significant shift in how organizations approach cybersecurity defense, focusing on both prevention and rapid response capabilities."

Findings from Optiv's report are based on responses from 620 U.S.-based IT and IT security practitioners familiar with their organizations' strategies to manage threats and risks.

