Austin, Texas, USA, August 26, 2025
Futurum’s 1H25 Cybersecurity Decision Maker Study Reveals That Only About One in Four Organizations Feel Equipped To Respond to AI-Driven Threats
Futurum’s 1H25 Cybersecurity Decision Maker Research reveals that organizations have begun taking steps to address the new security risks that are associated with artificial intelligence (AI) and machine learning (ML). With AI adoption occurring across industries, security leaders recognize that the same technologies enabling innovation also introduce new and complex threat vectors.
More than 25% of surveyed organizations have implemented dedicated AI/ML security controls and processes to evaluate and monitor AI-related vulnerabilities. This reflects a growing awareness that traditional security frameworks must evolve to address the unique risks posed by AI systems, spanning adversarial attacks on machine learning models to data poisoning and manipulation of generative AI outputs.
The study also found one-quarter of respondents acknowledge the presence of AI-powered attacks in today’s threat landscape, and even more expect these incidents to increase over the next 12 months. This expectation is not unfounded; threat actors leverage AI to automate attack planning, enhance phishing sophistication, evade detection, and identify exploitable weaknesses faster. As AI-driven tools become more accessible, the barrier to entry for launching sophisticated cyberattacks drops.
Figure 1: AI-Specific Security Incident Expertise
The growing speed and sophistication of malicious actors results in a notable skills gap. In Futurum’s study, only about one in four respondents felt their security teams are adequately equipped to handle AI-specific security incidents. This shortfall implies challenges in building or acquiring the specialized expertise needed to respond effectively to emerging AI threats.
“AI is transforming both innovation and the threat landscape. Our research shows that while organizations are moving to secure AI, the skills gap remains an important hurdle to overcome,” said Fernando Montenegro, VP and Practice Lead at Futurum.
AI-related security tooling can also help to close this skills gap. However, decision makers require transparency in order to verify that AI itself does not become a point of vulnerability. In fact, many decision makers in Futurum’s study indicated that they require vendors to disclose whether their products use AI and to detail the controls in place to secure that usage.
The findings point to a broader industry challenge: keeping pace with the dual forces of growing AI adoption and the evolution of related security concerns. While investment in AI-driven innovation will only increase, security programs must evolve in parallel to prevent innovation from outpacing protection. Failure to do so risks leaving organizations vulnerable to the very technologies they are adopting to gain competitive advantage.
“The adoption of AI demands an adaptation in the security strategy. To remain secure, organizations must invest in new tools with transparent and explainable usage of AI,” said Krista Case, Research Director at Futurum.
Overall, Futurum’s research paints a picture of a cybersecurity landscape in transition. Leaders are aware of the AI threat, are beginning to implement the necessary controls, and are demanding greater transparency from vendors. Yet, they are also grappling with the reality that AI necessitates not just new tools, but new skills, processes, and collaborative approaches to safeguard the future of digital business.
Read more in the 1H 2025 Cybersecurity Decision-Maker Survey Report on the Futurum Intelligence Platform.
About Futurum Intelligence for Market Leaders
Futurum Intelligence’s Cybersecurity and Resilience IQ service provides actionable insight from analysts, reports, and interactive visualization datasets, helping leaders drive their organizations through transformation and business growth. Subscribers can log into the platform at https://app.futurumgroup.com/, and non-subscribers can find additional information at Futurum Intelligence.
Follow news and updates from Futurum on X and LinkedIn using #Futurum. Visit the Futurum Newsroom for more information and insights.
Declaration of generative AI and AI-assisted technologies in the writing process: During the preparation of this work, the authors used Chat GPT to support editing and writing. After using this tool/service, the authors reviewed and edited the content as needed and take full responsibility for the publication’s content.
Other Insights from Futurum:
SailPoint Bolsters SaaS Security with Savvy Acquisition
Palo Alto Networks Makes Bold $25B Identity Play with CyberArk Deal
Security Summer Camp: Black Hat 2025, Def Con, And Others
Author Information
Fernando Montenegro serves as the Vice President & Practice Lead for Cybersecurity & Resilience at The Futurum Group. In this role, he leads the development and execution of the Cybersecurity research agenda, working closely with the team to drive the practice's growth. His research focuses on addressing critical topics in modern cybersecurity. These include the multifaceted role of AI in cybersecurity, strategies for managing an ever-expanding attack surface, and the evolution of cybersecurity architectures toward more platform-oriented solutions.
Before joining The Futurum Group, Fernando held senior industry analyst roles at Omdia, S&P Global, and 451 Research. His career also includes diverse roles in customer support, security, IT operations, professional services, and sales engineering. He has worked with pioneering Internet Service Providers, established security vendors, and startups across North and South America.
Fernando holds a Bachelor’s degree in Computer Science from Universidade Federal do Rio Grande do Sul in Brazil and various industry certifications. Although he is originally from Brazil, he has been based in Toronto, Canada, for many years.
Krista Case brings over 15 years of experience providing research and advisory services and creating thought leadership content. Her vantage point spans technology and vendor portfolio developments; customer buying behavior trends; and vendor ecosystems, go-to-market positioning, and business models. Her work has appeared in major publications including eWeek, TechTarget and The Register.
