In this stats report, you will see stats covering the major issues of AI in cybersecurity in the year 2025.
Let’s get started with the highlights.
On this page
- Key AI Cybersecurity Stats: Editor’s Choice
- How is AI Impacting Cybersecurity: Adoption Statistics
- How Big is The AI Cybersecurity Market?
- Statistics on Generative AI Usage By Cyber Threat Actors
- Enterprise AI Cybersecurity Statistics
- How Hackers Abuse AI: Personal Cybersecurity Statistics
- Vulnerability Scanning for Cybersecurity Statistics
- AI Risks
- Final Thoughts: Why is AI Considered a Double Sword in Cyber Security?
Key AI Cybersecurity Stats: Editor’s Choice
1. 69% of enterprises say they would require AI to help with the increasing number of cyber threats.
2. AI-driven security systems exhibit the ability to scale to handle increasing data volumes effortlessly.
3. The enhancements of AI-based security integration were:
- improved detection and prevention of cyberattacks
- reduced time to respond and remediate incidents
- enhanced visibility and control over the IT infrastructure
- optimized security operations
- reduced costs
- and increased efficiency and productivity of security analysts
4. AI is helping threat actors and state-sponsored adversaries launch ransomware attacks across multiple stages of the attack chain.
5. Even a low-skilled attacker could exploit 10 percent of vulnerabilities by using a ready public exploit.
How is AI Impacting Cybersecurity: Adoption Statistics
AI adoption is no longer a passing trend, it is now necessary for organizations to adopt it as cybercriminals are getting better with technology as well.
AI’s ability for huge data processing can detect anomalies that humans miss. (Palo Alto Networks, 2024)
72% of Organizations in France Have Adopted AIOps Solutions to Tackle The Complexity of Their Multicloud Environments
AIOps refers to the use of artificial intelligence capabilities to automate and streamline IT workflows.
Apart from this, 24% wish to adopt this technology in the year 2025. (Dynatrace, 2024)
In Germany, 84% of organizations have already adopted AIOps, and 14% plan to adopt it in the next 12 months. (Dynatrace, 2024)
How Big is The AI Cybersecurity Market?
The global AI in Cybersecurity market is valued at $ 22.4 billion in 2023 and is expected to reach $60.6 billion by 2028. (Skyquest, 2023)
This points to a CAGR of around 21.9% from 2023-2028. (Skyquest, 2023)
82% of Leaders Said Their Firms Have Increased Cybersecurity Budgets Year Over Year
Along with that, 90% of IT leaders and 80% of non-IT leaders say their organizations have cybersecurity more seriously in the past year. (Last Pass, 2024)
Statistics on Generative AI Usage By Cyber Threat Actors
Cyber threat actors do not require exceptional skills to perform breach attempts with the rise of AI-powered tools.
1. GenAI is a game-changer for AI-powered cyber threats as there are now only very few skills required to perform such an act. (FS-ISAC, 2024)
2. Free and open-source tools such as ChatGPT have already been tricked into writing malicious code. (FS-ISAC, 2024)
3. In the year 2023, over a third of all DDoS attacks targeted the financial sector. (FS-ISAC, 2024)
4. Highly skilled cybercriminals could exfiltrate information from or inject contaminated data into the large language models (LLMs) that train GenAI. (FS-ISAC, 2024)
5. The use of corrupted GenAI outputs can expose financial institutions to severe legal, reputational, or operational consequences. (FS-ISAC, 2024)
6. The supply chain is a major threat exposure vector for the financial sector. (FS-ISAC, 2024)
7. The Summit Declaration highlighted the importance of ensuring that AI is designed, developed, deployed, and used in a manner that is safe, human-centric, trustworthy, and responsible for the benefit of all. (NSCS GOV UK, 2024)
8. AI-driven malware, for instance, can adapt to the target environment, making it exceptionally difficult to detect and mitigate. (Deloitte, 2023)
There’s a 76% Spike in Data Theft Victims Named on The Dark Web
Throughout 2023, generative AI was rarely observed supporting malicious CNO development and/or execution.
Yet data theft has been on the rise.
As per the Identity Theft Resource Center, there are 1 billion data breach victims already so far in 2024.
Let’s look at some specific events from the last year:
- In the second half of 2023, SCATTERED SPIDER used the Azure AD PowerShell module to download all Entra ID user immutable IDs at a North American financial services victim. (CrowdStrike, 2024)
- The fact that the AI-generated material did not intrinsically leave significant indicators of its true nature or adversaries taking steps to avoid revealing evidence that generative AI was in use. (CrowdStrike, 2024)
- Based on a similar code style, SCATTERED SPIDER likely relied on an LLM to generate the PowerShell script in this activity. (CrowdStrike, 2024)
95% of Respondents Believe Dynamic Content Through LLMs is Making Detection of Phishing Challenging
The number of phishing emails has been on the rise as well.
81% of reporting businesses have seen an increase in phishing attacks in 2023. (LastPass, 2024)
Enterprise AI Cybersecurity Statistics
Enterprises are concerned about AI-powered threats and data privacy.
They are now blocking a significant percentage of AI transactions.
Enterprises Block 18.5% of AI and ML Transactions
The blocking of transactions points to growing concerns around AI data security and companies’ reluctance to establish AI policies. (Zscaler, 2024)
There is a 577% increase from April to January of 2024 in enterprises blocking AI transitions, which equates to a total of more than 2.6 billion blocked transactions. (Zscaler, 2024)
Top Three Blocked AI Applications Are ChatGPT, OpenAI, and Fraud.net
ChatGPT and OpenAI are part of the most widely used AI applications by transaction volume. They are also part of the three most blocked applications, including Fraud.net. (Zscaler, 2024)
How Hackers Abuse AI: Personal Cybersecurity Statistics
Here are a few myriad ways hackers use AI:
- Social Engineering Schemes: AI is used to automate the processes that go into a social engineering attack. (Morgan Stanley, 2023)
- Password Hacking: AI is used to improve algorithms for password guessing. (Morgan Stanley, 2023)
- Deepfakes: AI image generators can be used to produce deceptive visuals that feign authenticity. (Morgan Stanley, 2023)
- Data Poisoning: the algorithm is fed with deceptive information. (Morgan Stanley, 2023)
77% of AI Voice Scam Victims Lost Money
Greater than a third of people who’d lost money said it had cost them over $1,000, while 7% were duped out of between $5,000 and $15,000. (McAfee, 2023)
Researchers at McAfee find you can clone a voice from just three seconds of audio. (McAfee, 2023)
Vulnerability Scanning for Cybersecurity Statistics
The bar for hackers has been lowered due to AI, which significantly impacts the vulnerability landscape of companies.
10% of Organizational Vulnerabilities Are Not Very Difficult to Hack
Even a low-skilled attacker could exploit 10 percent of vulnerabilities by using a ready public exploit. (PT Security, 2020)
Simple Software Updates Can Protect High-Risk Vulnerabilities in 84% of Organizations
84% of companies have high-risk vulnerabilities half of which could be removed with a simple software update. (PT Security, 2020)
Vulnerability Threat Landscape
Within the vulnerability threat landscape, CrowdStrike assesses that edge device and EOL product targeting will persist in 2024. (CrowdStrike, 2024)
ECrime threat actors will likely remain the primary threat to most mobile users in 2024. (CrowdStrike, 2024)
Targeted intrusion actors will also almost certainly continue to target mobile devices. (CrowdStrike, 2024)
What Is the Role of Quantum Computing in Encryption and Cybersecurity?
Quantum Computing is a growing threat to secure encryption in the coming years.
Due to Quantum Computing’s superior computational power, various cryptographic ciphers may inevitably become obsolete and hackable. (EY, 2023)
Industry experts hypothesized quantum computers will be able to crack all current cryptosystems in the next five to 30 years. (Forrester, 2019)
A majority of industry experts claim that there is a 50%-70% chance of this occurring in the next 5 years. (Forrester, 2019)
AI Vulnerability Scanning Market Size To Grow to $7,574.30 Million by 2030
There are investment opportunities in the AI cyberthreat market to look out for as well.
The global AI Vulnerability Scanning market was valued at USD 3121.56 million in 2023 and is expected to grow at a CAGR of 13.52% during the forecast period 2024-2030. (Yahoo Finance, 2024)
AI Risks
AI is already making major decisions in people’s lives.
It decides who receives welfare, whether a loan is approved, or whether a job applicant receives an interview, which may even be an automated process. (Giving What We Can, 2024)
AI Safety is Largely Neglected
Responsible AI usage doesn’t seem to be a top priority for corporations.
1. Some experts on AI risk think that the odds of an existential catastrophe is as low as 0.5%, some think that it’s higher than 50%. (80000 Hours, 2024)
2. Around $50 million was spent on reducing catastrophic risks from AI in 2020 — while billions were spent advancing AI capabilities. (80000 Hours, 2024)
3. Between 37.8% and 51.4% of respondents gave at least a 10% chance to advanced AI leading to outcomes as bad as human extinction. (Arxiv, 2024)
4. However, there was broad agreement that research aimed at minimizing potential risks from AI systems ought to be prioritized more. (Arxiv, 2024)
So what are some potential risks that have a huge impact on humanity?
5. Potential risks from rapidly advancing AI capabilities are:
- People might think AI is aligned when it’s not. (80000 Hours, 2024)
- AI-enabled cyberattacks could provide access to other dangerous technology, such as bioweapons, nuclear arsenals, or autonomous weapons. (80000 Hours, 2024)
- AI-based biological design tools could enable the creation of dangerous pathogens by unethical people. (80000 Hours, 2024)
- AI could empower totalitarian governments and lead to a dystopian society. (80000 Hours, 2024)
There are smaller-scale risks as well, such as AI being biased in the hiring process.
6. Amazon used an AI to screen resumés, thinking this would increase the fairness and efficiency of their hiring process. Instead, they discovered that AI was biased against women. (Reuters, 2018)
Relative to the enormous scale of this risk, not enough work is being done to ensure AI is developed safely and in the interests of everyone.
The Difference Between Synthetic Media and Human-Generated Content Is Becoming Harder To Discern
Even for AI-detection technologies, deepfakes are becoming more maliciously realistic and harder to distinguish. (World Economic Forum, 2024)
Sundar Pichai, CEO of Google, announced a new workstream to bolster cyber defenses by speeding up detection and response teams. (Financial Times, 2024)
Final Thoughts: Why is AI Considered a Double Sword in Cyber Security?
69% of enterprises say they would require AI to help with the increasing number of cyber threats. (Deloitte, 2023)
While AI can be leveraged to bolster digital defenses, with its high data processing power and minimal inference time, these tools are still a double-edged sword.
AI-driven security systems exhibit the ability to effortlessly scale to handle increasing data volumes. (Deloitte, 2023)
Future threats in the year 2025 come from the evolution and enhancement of existing tactics, techniques, and procedures (TTPs). (NSCS GOV UK, 2024)
About the author
Chintan Zalani
I'm the insight architect behind Bot Memo. I have spent the last decade building media assets on the internet. Bot Memo started as a simple project covering industry deep dives. Then I built a data pipeline for it. And now I love analyzing and covering all things AI startups and trends on top of our own data infrastructure.
