By 2025, ransomware will no longer be the undisputed biggest security concern for organizations. Striking a balance between innovation and risk is difficult to achieve, according to research by Arctic Wolf.
The results have been published in Arctic Wolf’s newly released State of Cybersecurity: 2025 Trends Report. AI, LLM’s, and privacy are now prime concerns. Limited insight, outdated incident response plans, and budget constraints are the main reasons for these issues cropping up in the way they are.
More transparency in successful attacks
Although attention to AI has grown, traditional threats remain prominent. The Arctic Wolf survey shows that more than half (52 percent) of organizations worldwide have experienced a successful cyberattack in the past year. This is a slight increase compared to last year (48 percent). On a positive note, 97 percent of the companies affected reported the breach to the relevant authorities. This seems to suggest that watchdogs have a good overview of the actual incidents, at least those known to the affected organizations.
Globally, 70 percent of organizations will have experienced at least one serious cyberattack by 2024, with business email compromise (BEC) being the most common type. Of the organizations worldwide that fell victim to ransomware, more than three-quarters (76 percent) paid the ransom demanded. Engaging professional negotiators proved effective: 90 percent of companies that did so saw a reduction in the ransom in more than half of the cases.
Gaps in endpoint security
Although 84 percent of organizations worldwide use endpoint security solutions, only 40 percent say they have complete confidence in their coverage.
“The 2025 Trends Report provides an insightful snapshot of how security leaders think,” said Dan Schiappa, President of Technology and Services at Arctic Wolf. “The rapid rise of AI is creating new uncertainties, not only about how attackers operate, but also about how defenders should respond. At the same time, ransomware remains an ongoing threat. As organizations rapidly implement AI tools, it is essential that they do not lose sight of fundamental security principles.”
Read also: Rapid rise of AI is leading to more cyberattacks
