North America | Europe | Asia Pacific | Latin America | Middle East | Africa
<>
PLATINUM
Past Frequency of Successful Cyberattacks7Future Likelihood of Successful Cyberattacks10Security Posture by IT Domain12Assessing IT Security Functions14
Section 2: Perceptions and Concerns16
Concern for Cyberthreats16Concern for Web and Mobile Attacks18Responding to Ransomware20Barriers to Establishing Effective Defenses23Attack Surface Management Challenges25Challenges Caused by Hybrid, Multi-cloud Environments27Boosting Careers with Cybersecurity Certifications29
IT Security Budget Allocation31IT Security Budget Change33Top Priorities for Improving Identity Security35Preferences for AI in Security Products37Outsourcing to Managed Security Service Providers (MSSPs)39Network Security Deployment Status41Endpoint Security Deployment Status43Application and Data Security Deployment Status45Security Management and Operations Deployment Status47
Frameworks and Standards Used to Assess Cybersecurity49Impact of Implementing Zero Trust Network Access (ZTNA)51Information Regularly Reported to the Board of Directors53Emerging IT Security Technologies and Architectures55
CyberEdge’s annual Cyberthreat Defense Report (CDR) plays aunique role in the IT security industryOther surveys do a greatjob of collecting statistics on cyberattacks and data breachesand exploring the techniques of cybercriminals and other badactorsOur mission is to provide deep insight into the mindsof IT security professionals
Survey Demographics
•Responses received from 1,200 qualified IT securitydecision makers and practitioners•All from organizations with more than 500 employees•Representing 17 countries across North America, Europe,Asia Pacific, the Middle East, Latin America, and Africa•Representing 19 industries
More than a decade after its first edition, the CDR has becomea staple among IT security leaders and practitioners by helpingthem gauge their internal practices and security investmentsaccording to those of their counterparts across multiple countriesand industriesIf you want to know what your peers in IT securityare thinking and doing, this is the place to look
2AI Is Coming Up EverywhereOur survey has one questionspecifically about AI, asking respondents about the strengthof their preference for purchasing security products thatfeature AI technologies (see page 37)But AI comes up inmany places in this report: as a force helping cybersecurityteams in their work (page 8), as a factor helping threat actors(page 17), as a tool to detect fraud and foil web applicationand mobile attacks (page 19), as a tool to filter out falsepositive alerts (page 24), as a technology embedded insecure email gateways to flag abnormal behaviors (page 42),and as the driver of a long-term arms race between threatactors and cybersecurity teams (page 57)In many waysthis dynamic mirrors how enterprises are starting to benefitfrom AI: not by acquiring “AI products,” but by leveraging AIcapabilities embedded in security solutions and platforms
CyberEdge would like to thank our Silver, Gold, and Platinumresearch sponsors, whose continued support is essential to thesuccess of this report
Top Five Insights for 2025
Our CDR reports yield dozens of actionable insightsHere are thetop five takeaways from this year’s installment:
1Have we turned the corner?The percentage oforganizations experiencing at least one successfulcyberattack trended upward from our 2016 CDR to the 2021editionSo did the percentage suffering from six or moreAnd so did the percentage of organizations that expectedto be compromised at least once in the coming yearButthose three metrics essentially plateaued between 2021 and2023 and then dropped to a lower plateau in the 2024 reportand this oneIt’s too early to let our guard down, but it doesseem like the factors working in favor of cybersecurity teams(like large investments in cloud security during the COVIDpandemic, the application of zero trust principles, a renewedinterest in cybersecurity basics, and AI embedded in securityproducts) are now matching or even outpacing the factorsworking for threat actors
3Twists and Turns for RansomwareIt’s hard to summarizethe changing dynamics of ransomware this yearAfter risingfor a decade, the percentage of organizations affected byransomware fell for the second year in a row (good newsJ), but average ransom demands have continued to rise(bad newsL)The percentage of victimized organizationsthat paid ransoms fell (probably good newsJ), but thepercentage of ransom payers who recovered their data fell(bad newsL)If you want to know the factors we think arebehind these gyrations, see pages 20-22
4The Never-ending Skills ShortageThe lack of experiencedcybersecurity personnel has been a running theme in CDRsfor yearsIn this report it comes up in a tie for first amongfactors inhibiting organizations from adequately defendingthemselves against cyberthreats (page 23) and as the biggestchallenge
