The Cybersecurity Readiness Index 2025 reveals that most organizations lack the necessary defenses in a landscape dominated by Artificial Intelligence and digital complexity.
The transformation driven by Artificial Intelligence has escalated cybersecurity risks to an unprecedented level. This is confirmed by the latest Cybersecurity Readiness Index from Cisco, which shows that only 4% of organizations worldwide achieve a “mature” level of readiness against digital threats, just one percentage point higher than the previous year.
The study, based on surveys of 8,000 business and security leaders from 30 countries, presents a concerning reality: despite the rapid adoption of AI-based technologies, organizations remain poorly prepared to face the risks generated by these very technologies.
AI as a Double-Edged Sword: Defensive Tool and Attack Vector
A key finding from the report indicates that 86% of companies experienced AI-related security incidents in the past year. However, only 49% believe their staff fully understands the risks associated with AI use, and a similar percentage believes their team understands how attackers are exploiting these technologies to carry out sophisticated attacks.
At the same time, the legitimate use of AI has surged: 89% of organizations already use AI to analyze threats, 85% for detection, and 70% for response and recovery. This rise underscores the critical role AI plays in defense strategies, although it also highlights a gap between technological adoption and awareness of its risks.
Additional Risks: Unmanaged Devices and Shadow AI
The report emphasizes that hybrid work environments have increased the attack surface. 84% of organizations report being more exposed as their employees access corporate networks from unmanaged devices. Furthermore, the phenomenon of Shadow AI—the use of AI tools not approved by IT—represents another blind spot: 60% of companies do not trust their ability to detect these unregulated uses.
The use of public GenAI tools has also grown unchecked. While 51% of employees use approved tools, 22% access public GenAI services without restrictions, and in 6 out of 10 organizations, IT teams are unaware of these interactions.
Complex Infrastructures and Scarce Talent: Structural Challenges
The Cisco report also highlights that the complexity of the security environment hinders effective response: 77% of organizations employ more than ten distinct security solutions, making incident coordination and management difficult.
In addition, the talent shortage is significant: 86% identify the lack of qualified professionals as a critical barrier, and more than half of companies admit to having more than ten unfilled positions in their cybersecurity teams.
Insufficient Investment Despite Rising Risks
Although 96% of organizations plan to renew their IT infrastructure, only 45% allocate more than 10% of their budget to cybersecurity, an 8% decline from the previous year. This investment gap contrasts with the fact that 71% anticipate experiencing interruptions due to cyber incidents in the next 12 to 24 months.
Five Pillars for a Modern Defense Strategy
The Cisco index assesses organizations’ preparedness across five fundamental axes:
- Intelligent Identity
- Network Resilience
- Machine Reliability
- Cloud Reinforcement
- AI Fortification
These dimensions consist of 31 technological capabilities whose adoption defines each organization’s maturity level: Beginner, Developing, Progressive, or Mature.
Conclusion: Rethinking Security in the Age of AI
“The rise of AI has brought a new class of risks that are straining both infrastructures and the professionals tasked with protecting them,” stated Jeetu Patel, Chief Product Officer of Cisco. “The report makes it clear that organizations must rethink their strategies or risk becoming irrelevant in the era of Artificial Intelligence.”
The recommendation is clear: simplifying infrastructures, strengthening the use of AI in cyber defense, increasing training on emerging threats, and closing talent gaps will be key to building a real digital resilience in the coming years.