2025年网络安全就绪指数 2025 Cisco Cybersecurity Readiness Index Readiness remains flat as AI transforms the industry

2025CiscoCybersecurityReadinessIndex

ReadinessremainsflatasAItransformstheindustry

©2025Ciscoand/oritsaffiliates.Allrightsreserved.

lol

ciscc"©2025Ciscoand/oritsaffiliates.Allrightsreserved.2025CiscoCybersecurityReadinessIndex|2

Contents

ExecutiveSummary3

BenchmarkingReadiness7

IdentityIntelligence8

MachineTrustworthiness10

NetworkResilience12

CloudReinforcement14

ArtificialIntelligence(AI)Fortification16

IndustryandSizeMatter18

Recommendations21

AbouttheResearch22

ExecutiveSummary

AfewshortyearsafterGenAIwasintroduced,artificialintelligence(AI)continuestochangethetechindustryatrecordspeed,as

businessesracetolaunchnewtechnologyandtomeaningfullyimplementitaspartoftheirITstrategies.

WhileAIbringspromiseofnewpossibilities,italsoaddslayersofcomplexitytoanalreadycomplicatedsecurity

landscape.It’schallengingforcompaniestobothembraceandsecureAI.What’smore,there’sadisconnectbetweengeneralunderstandingofthethreatsposedbyAIand

whatittakestosecureorganizationsagainstthose

threats.Nearlynineoutof10(86%)businessleaderswithcybersecurityresponsibilitiesreportedatleastoneAI-

relatedincidentinthepast12months.Just48%believe

thattheiremployeesunderstandhowmaliciousactorsareusingAItoenhancetheirattacks.Underhalf(45%)feel

theircompanyhastheinternalresourcesandexpertisetoconductcomprehensiveAIsecurityassessments.

However,only10%considerAItobethemostchallengingaspectoftheirsecurityinfrastructuretoprotect.AsAI-

enabledthreatsbecomeincreasinglysophisticated,thesethreatswillonlyrise.

Cisco’sthirdannualCybersecurityReadinessIndex

isourupdatedguidethataddressesthecurrentglobalcybersecuritylandscapeandassesseshowready

companiesaretofacetoday’scybersecurityrisks.Itisbasedonadouble-blindsurveyof8,000businesses

andcybersecurityleadersacross30globalmarkets.

Respondentsrepresentabroadrangeofprivatesectorindustries,includingfinancialservices,retail,technologyservices,andmanufacturing.

The2025editionofthisstudyshowsthatreadiness

remainedflatfrom2024.Basedonfivepillarsof

cybersecurityreadinessthataremostrelevantto

securingtoday’sorganizations–IdentityIntelligence,MachineTrustworthiness,NetworkResilience,

CloudReinforcement,andArtificialIntelligence(AI)Fortification.

lol

ciscc"©2025Ciscoand/oritsaffiliates.Allrightsreserved.2025CiscoCybersecurityReadinessIndex|3

Amerefourpercentofcompanies(asopposedto

threepercentin2023)reachedtheMaturestageof

readiness.Alarmingly,nearlythreequarters(70%)

remaininthebottomtwocategories(Formative,61%andBeginner,ninepercent)-withlittlechangefromlastyear.Asthreatscontinuetoevolveandmultiply,companiesneedtoenhancetheirpreparednessatanacceleratedpacetoremainaheadofmaliciousactors.

Intermsofthepillarsofreadiness,thisyear’s

resultsreflectthelargestincreaseisinMachineTrustworthiness(12%Mature),whichsawthe

mostgrowthcomparedtosevenpercentin2024.

ConverselythereportsawthelowestlevelsofmaturityinAIFortification(sevenpercent),NetworkResilience(sevenpercent),IdentityIntelligence(sixpercent),andCloudReinforcement(fourpercent),alltrailingwith

single-digitperformance.

ciscc"©2025Ciscoand/oritsaffiliates.Allrightsreserved.2025CiscoCybersecurityReadinessIndex|4

lol

TypesofAI-relatedsecurity

incidentscompaniesexperienced

Modeltheftorunauthorizedaccess

43%

AI-enhancedsocialengineering

42%

Datapoisoningattempts

38%

Promptinjectionattacks

35%

Trainingdataexposure

26%

GlobalOverallReadiness(YoY)

MatureProgressiveFormativeBeginner

20242025

60%61%

26%26%

11%

3%4%

9%

ThreatstoAIsystemsandsecuredataprocesses

remainablindspotformanycompanies,despiteanabundanceofactiveandincreasinglysophisticatedattacks.Addedtothatisagenerallackofemployees’understandingofthesecurityrisksthatcomewith

usinganddevelopingAIapplications.

Only49%ofrespondentsbelieveemployees

fullyunderstandAI-relatedcybersecuritythreats,

whichcommonlytaketheformofmodeltheftor

unauthorizedaccess,AI-enhancedsocialengineering,ordatapoisoningattempts.

Thislackofunderstandingisovershadowedbythe

increasinglywidespreadadoptionofAI,particularly

GenAI.Whilehalf(51%)ofcompaniesrequiretheir

employeestoutilizeapprovedthird-partyGenAItoolsthroughasecurityservice,nearlyaquarter(22%)haveunrestrictedaccesstopubliclyavailabletools.This

unrestrictedaccessputssensitivecompanydataat

seriousriskandcouldleademployeestoinadvertentlypropagatethreats.

lol

RegardlessofhowemployeesuseAIatwork,ITteamshavelimitedvisibilityandcontrol,with60%saying

theycan’tseespecificpromptsorrequestsmadebyemployeesusingGenAItools.

UnregulatedAIdeployments,orshadowAI,pose

significantcybersecurityanddataprivacyrisks,asit

ishardforsecurityteamstomonitorandcontrolwhattheycan’tsee.60%statedtheylackconfidencein

theirabilitytoidentifytheuseofunapprovedAItoolsintheirenvironments.

AI-relatedrisksarefurthermuddyingwatersinan

already-complexoperatingenvironmentinvolvinghybridworkers,unmanageddevices,andsolutionsprawl.Thisbuildsthecaseformoreactionandinvestment.

Globally,nearlyhalfofrespondents(49%)experiencedatleastonecyberattackwithinthepastyear,and

nearlythreequarters(71%)ofthosesurveyed

believethatacybersecurityincidentislikelyto

disrupttheirorganizations’businesswithinthenext12to24months.However,mostcompaniesremainunderpreparedtopreventormanagethesethreats,withcybersecurityreadinesslevelsremaining

essentiallystaticinthepast12months.

Asmanyemployeescontinuetofollowahybridworkstructure,aroundonethirdofrespondents(31%)

reportthatonaverage,employeesattheircompanieslogintosixdifferentnetworksperweektowork,while84%sayemployeesaccesscompanynetworksfromunmanageddevices.

Tomakethingsmorecomplicated,morethanthree

quarters(77%)ofrespondentssaythatadopting

toomanycybersecuritysolutionssloweddowntheirteam’sabilitytodetect,respond,andrecoverfrom

incidentstheyaretryingtoprevent.Sevenin10(70%)saytheircompanieshavemorethan10pointsolutionsintheirsecuritystack,with26%admittingthatthey

havemorethan30.

Aswe’veseeninourpastreports,thetalentshortagecontinuestobeabarriertocybersecurityreadinessthatslowshowquicklysolutionscanbedeployed.Alargemajority(86%)ofrespondentsviewashortageofcybersecuritytalentasachallenge,with39%

describingthisasasignificantchallenge.Overhalf

ciscc"©2025Ciscoand/oritsaffiliates.Allrightsreserved.2025CiscoCybersecurityReadinessIndex|5

Plannedincreaseincybersecurityinfrastructurespending

20242025

Increaseinspending

97%

98%

10-30%increaseinspending

52%

55%

Morethan30%increaseinspend

33%

31%

Plannedsecurityinvestments

Upgradingexistingcybersecuritysolutions

63%

Adding/investinginAIdriventechnologieslikeGenerativeAI

58%

Adding/investinginnewsolutions

55%

Employeetraining/hiringofITtalent

44%

Adding/investinginvisibilityandanalyticscapabilities

43%

Adding/investinginautomationcapabilities

34%

Outsourcingsomecapabilitiestomanagedserviceproviders

16%

(53%)reporthavingmorethan10cybersecurity

positionstofill,and88%saytheserolesaccountforover10%oftheirteam’sheadcountgap.

Morepositively,companiesrecognizetheneedfor

moreinvestmentincybersecurity.Almostall(96%)

respondentsplantoupgradeorrestructuretheirIT

infrastructurewithinthenexttwoyears,thesame

numberasin2024.Thismayreflectanunderstandingthattheirinfrastructureiscurrentlyfallingshort,withonly34%feelingveryconfidentintheresilienceof

theircompany’scurrentcybersecurityinfrastructureagainstattacks.

Nineoutoftenrespondentssaidtheircompany’s

cybersecuritybudgethasincreasedinthepast12to24months.Ofthese,93%reportedincreasesofat

least10%,andnearly30%sawincreasesof30%or

more.However,thepaceofbudgetincreasesappearstobeslowingasfewerrespondents(87%)expect

futureincreasestoexceed10%.

Eventhoughcybersecuritybudgetshaveincreased

formany,overallITspendallocatedtocybersecuritydecreased,withonly45%ofrespondentssayingtheircompanyallocatesmorethan10%oftheirITbudgettocybersecurity,comparedto53%in2024.IncreasesinoverallITspendareoutpacinggrowthincybersecuritybudgets,andunlessthesetwoarealigned,itwill

becomehardertodefendagrowingITinfrastructureinanintensifyingthreatenvironment.

Itiscrucialthatcompaniesunderstandtheir

cybersecurityreadinessandacknowledgethepillarsinwhichtheyfallshort.Byidentifyingweakspots,

theycanfocusresourcesonimprovingthoseareastobetterdefendagainstincreasingdigitalthreats.

Extentofbudgetincrease

%among

respondents

reporting

increaseinpast

12-24months

%among

respondents

predicting

increaseinthe

next12months

Lessthan10%

7%

13%

10–20%

32%

29%

21–30%

31%

27%

31–50%

19%

18%

51–75%

7%

8%

76–100%

3%

4%

Morethan100%

1%

1%

lol

ciscc"©2025Ciscoand/oritsaffiliates.Allrightsreserved.2025CiscoCybersecurityReadinessIndex|6

BenchmarkingReadiness

Basedondatafromadouble-blindsurveyof8,000businessleadersacross30globalmarkets,the2025

CybersecurityReadinessIndexassessesfivecritical

pillarsofcybersecuritypreparedness:IdentityIntelligence,

MachineTrustworthiness,NetworkResilience,Cloud

Reinforcement,andAIFortification.Withinthesepillars,weidentified31differentsolutionsrequiredtobedefinedasready.

Toassessreadiness,weaskedrespondentswhichofthese

solutionstheircompanieshadinplace,andtheirprogressin

deployment.Wescoredcompaniesbasedontheirdeploymentofthesesolutions,witheachsolutionassignedaspecific

weightwithinthebroaderthematicpillars.

Wecombinedorganizationalreadinessscoresineachpillartoassessoverallreadiness.Inthiscalculation,thepillarsareassignedweightingsreflectingtheirrelativeimportanceinacybersecurityposture:IdentityIntelligence(25%);NetworkResilience(25%);MachineTrustworthiness(20%);Cloud

Reinforcement(15%);andAIFortification(15%).

Acompleteexplanationofthemethodologyisincludedattheendofthisreport.

Basedontheoverall

score,companies

werecategorized

intooneoffour

stagesofreadiness:

MatureScore70to100

Companiesthathaveachievedadvancedstagesofdeployment

andaremostreadytoaddresscontemporaryrisksacrossthefull

spectrumofcybersecuritysolutions.Acompleteexplanationofthemethodologyisincludedattheendofthisreport.

ProgressiveScore41to69

Companiesdeployingaconsiderablenumberofsolutionsand

performingaboveaverageoncybersecurityreadinessacrossarangeofareas.

FormativeScore11to40

Companiesthathavesomelevelofdeploymentbutareperformingbelowaverageoncybersecurityreadinessacrossarangeofareas.

BeginnerScore0to10

Companiesattheinitialstagesofdeployingsolutions.

lol

ciscc"©2025Ciscoand/oritsaffiliates.Allrightsreserved.2025CiscoCybersecurityReadinessIndex|7

IdentityIntelligence

Managingaccesstonetworkandsystems

remainsacriticalpriorityamidanintensifyingthreatenvironment.Maliciousactorsare

usingevermoresophisticatedmeansintheirattemptstoaccessnetworks,includingAI-poweredphishinganddeepfakes,requiringresponsesthatcanverifyidentitiesquickly,accurately,andatscale.

The

CiscoTalos2024YearinReview

highlightsidentityasakeythemeforsecurityincidents,withthreat

actorstargetingusers’digitalfootprintsformalicious

purposes.Identity-basedattacksweredominant,

accountingfor60%ofallCiscoTalosIncidentResponse(TalosIR)cases.Actorsreliedonidentityattacks

tofacilitatemajorphasesoftheiroperations:initial

compromise,lateralmovement,privilegeescalation,

andmore.Difficulttopreventandevenhardertodetect,identity-basedattacksprovedtobehighlyeffectivein2024,allowingadversariestogounnoticedforlonger

periodsoftimebyusingcompromisedvalidaccounts,

ciscc"©2025Ciscoand/oritsaffiliates.Allrightsreserved.2025CiscoCybersecurityReadinessIndex|8

lol

54%

34%

26%

14%

6%

48%

13%

5%

IdentityIntelligenceReadiness

MatureProgressiveFormativeBeginner

20242025

nolongerusingdetectablemalware,andsometimesleadingtounfetteredaccesstoentirenetworks.

In2025,IdentityIntelligencereadinessslightlyimproved,

withmorecompaniesmovingfromtheBeginnertothe

Formativestageandachievingpartialdeployment.Full

deploymentremainsstagnant,leavingjustsixpercent

ofcompaniesclassifiedasMature.Thissuggeststhat

organizationsaregrapplingwithunexpectedcomplexitiesorresourcelimitationsinthefinalstagesofimplementation.

Failuretoprotectandsecureidentitiescanleadto

significantreputationalriskandshouldbeanareaof

greaterfocus.ThisisespeciallyimportantasAIcanbothheightenvulnerabilitiesandimproveprotection.

AIisprovingtobeaboontopractitionersseekingtobolstersolutionstoverifyandsecureidentity.Becausesecuring

digitalidentitiesiscrucial,companiesareincreasinglyimplementingAI-drivensolutionstokeepthemsafe.Ofthosecompaniesadoptingidentitysolutions,nearlyhalf(47%)significantlyintegratedAIintothesecapabilities.

Currently,weseeidentitysolutionsbeingadoptedatvaryingrates,duetotheireffectiveness,easeofimplementation,

regulatorycompliance,cost,userexperience,andvendorsupport.Thesebarriersarelikelyslowing,butnotstoppingcompaniesfromdeployingnewsolutions.AdvancesinAIcouldhelpreducebarriersinthenearfuture.

ThetoptwomostadoptedsolutionsforIdentity

Intelligenceareidentitybehavioranalyticstoolsat54%,

andcontinuousrisk-basedaccessanalytics(tospot

identityanomalies)at51%.Thesetoolsarestillalongwayfrombeingfullydeployed.Solutionsthatfacilitateinitial

authenticationforpasswordlessaccessthroughouta

user’ssessioncurrentlyhavealoweradoptionrateof36%.

IdentifyingsuspiciousbehaviorandanomaliesisbecomingakeypriorityforcompaniesinrelationtoIdentity

Intelligence.Morethanonequarter(29%)ofrespondentsrankIdentityastheircompany’stopcybersecurity

challenge,thesecondhighestofanypillar.

Strikingabalancebetweenseamlessuserexperienceandrobustidentityprotectionisadelicatetask.Businesses

areactivelydeployingtoolstoachievethisbalancemoreeffectively,continuouslyadjustingandadaptingtothe

ever-evolvinglandscapeofthreatsandrisks.

Areascompaniesfindmostchallengingtoprotectagainstcyberattacks

Identity

29%

Machines

15%

Network

31%

Cloud

16%

Al

AIWorkloads

10%

lol

ciscc"©2025Ciscoand/oritsaffiliates.Allrightsreserved.2025CiscoCybersecurityReadinessIndex|9

MachineTrustworthiness

Theongoingprevalenceofhybridwork

continuestoposeachallengetomachine

integrity–employeesarelogginginto

companynetworksfromavastrangeof

devices,manyofwhichareunmanaged.

Concurrently,agrowingarrayofdevicesareconnectedtotheinternet,fromeveryday

householditemstoindustrialmachinery.ThisInternetofThings(IoT)landscape

significantlyexpandstheattacksurfaceformaliciousactors.

In2025,weobserveamoderateshiftinhowready

companiesareforMachineTrustworthiness,witha

morethanfivepercentincreaseinthosereachingtheMaturecategory.Thissuggeststhatsomecompaniesareprogressingtowardsfullyimplementingsolutionsthatensuredeviceintegrity.However,only12%of

companiesareintheMaturecategory,highlightingthatwhilethereisforwardprogress,manystillfacechallengesinachievingfullreadinessinthisarea.

ciscc"©2025Ciscoand/oritsaffiliates.Allrightsreserved.2025CiscoCybersecurityReadinessIndex|10

lol

MachineTrustworthinessReadiness

MatureProgressiveFormativeBeginner

20242025

24%

12%

21%

7%

23%

19%

48%

46%

AIplaysacrucialroleinmonitoringandsecuringthese

interconnecteddevices,leveragingmachinelearningto

detectanomaliesandrespondtothreatsinreal-time.

However,thesameAIcapabilitiescanbeexploitedby

attackerstolaunchmoresophisticatedandtargeted

attacks,makingitimperativeforcompaniestostayvigilantandcontinuouslyenhancetheirsecuritymeasures.

Giventhescaleofthetaskathand,it’snosurprise

thatAIisincreasinglybeingusedtomanagemachine

integrity.Amongcompaniesadoptingthevariousmachineprotectionsolutions,onaverage,46%areincorporatingAItoasignificantextent.

Oncoremachineprotectioncapabilities,morethanhalf

(59%)ofrespondentssaidtheyhaveadoptedbuilt-in

protectionssuchasFirewallandIPS.CompaniesrecognizethepositionofMachineAuthenticationofIntegritysuch

asBasicInputOutputSystem(BIOS),with56%rollingoutthesesolutions.Machinebehaviorandanomaly-protectiontoolsareusefulfordefendingagainstmachinethreats,

with51%adoptingthissolution.

Despitetheseefforts,thescaleofdeploymentislagging.Half(50%)ofthecompaniesareeitherjuststartingor

onlypartiallyalongthepathofimplementingmachine

protectionsolutions.While53%havefullydeployed

MachineAuthenticationandIntegritycapabilities,only52%havefullyimplementedBuilt-inProtections.

Lookingahead,53%ofcompaniesplantodeployMobileDeviceManagement(MDM)withinthenext12months.Additionally,25%arelookingtoimplementMachine

AuthenticationandIntegrity,while50%arefocusingonMachineUpdatePolicies.Despitetheseplans,only12%ofcompaniesareintheMaturecategoryformachine

security,with65%stillinthetwolaggingcategoriesofreadiness.

ThegrowingrelianceonAIformachinesecurity

underscorestheimportanceofstayingaheadofpotentialthreats.AsAItoolsbecomemoresophisticated,sodothetacticsofmaliciousactors,makingitcrucialforcompaniestocontinuouslyenhancetheirsecuritymeasures.

lol

ciscc"©2025Ciscoand/oritsaffiliates.Allrightsreserved.2025CiscoCybersecurityReadinessIndex|11

NetworkResilience

Hybridworkenvironmentsarehereto

stay,andsecuringcorporatenetworkshasbecomeincreasinglycomplex.Employeesnowaccesscriticaldatafrommultiple

locationsanddevices,oftenbeyond

traditionalsecurityperimeters.Networks

areevolvingtohandlesensitivedata

acrosscloud,on-premise,andinedge

environments.AIisreshapingcybersecurityinbothattackanddefensestrategies.

Datacentercapacityisexpectedtogrowby

19-22%

annuallyuntil2030

,drivenbyAIworkloads.ThissurgeintrafficpresentsnewsecuritychallengesasthreatactorsuseAItoautomatephishing,createdeepfakesocial

engineeringattacks,anddeployadaptivemalware.Theshifttohybridworkexacerbatesthesechallengeswithunmanageddevicesandfrequentloginsfrommultiplenetworks,providingampleopportunityforAI-poweredthreatslikecredentialstuffingandautomatedlateral

movementwithincompromisednetworks.

ciscc"©2025Ciscoand/oritsaffiliates.Allrightsreserved.2025CiscoCybersecurityReadinessIndex|12

lol

53%

49%

30%

26%

14%14%

7%7%

NetworkResilienceReadiness

MatureProgressiveFormativeBeginner

20242025

Withtheriseintrafficflowsandcomplexnetworking

threats,it’sunsurprisingthatnearlyathird(31%)of

respondentsrankedNetworkasthemostchallengingpillartoprotect–morethananyotherarea.

NetworkResilienceisslidingbackwards,withanotableshiftfromProgressive(fourpercentdecrease)to

Formative(fourpercentincrease).Thisdowngrade

suggeststhatratherthanprogressingtowardmore

robust,proactivesecuritymodels,manyappeartobe

losingground,possiblyduetothetechnicalandfinancialchallengesassociatedwithupgradinglegacynetwork

defenses.Asnetworksbecomemoredistributedacrosscloud,on-premise,andedgeenvironments,thecostandexpertiserequiredtomaintainresiliencemaybeprovingoverwhelmingformanycompanies.

AIalsohasthepotentialtofundamentallytransform

networkdefenses.CompaniesareincreasinglyintegratingAI-drivensolutionstostrengthenNetworkResilience,

detectanomalies,andrespondtothreatsinrealtime.Onaverage,47%ofcompaniesthathaveadoptednetworkprotectionsolutionshavesignificantlyincorporatedAIintheirnetworkdefenses.

It’snosurprisethatmostofthetop-targetedvulnerabilitiesaremanyyearsold,highlightingongoingchallengesin