LevelBlue has launched its 2025 Futures Report: Cyber Resilience and Business Impact at the RSAC™ Conference. Following the release of the inaugural LevelBlue Futures Report in 2024, this year’s report dives into the characteristics of cyber resilient organisations, evolving attack vectors, and how leaders are aligning business goals and cybersecurity.
As artificial intelligence (AI) brings about excitement and transformative potential, the report reveals that organisations are forging ahead with innovations despite increased security concerns. In fact, just 29% of executives surveyed say they are reluctant to implement AI tools and technologies because of cybersecurity ramifications.
Organisations expect AI-powered attacks, such as deepfakes and synthetic identity attacks, to rise in 2025, but many remain unprepared. The LevelBlue Futures Report found that only 29% of executives say they are prepared for AI-powered threats, despite nearly half (42%) believing they will happen. Additionally, just about one-third (32%) believe their organisation is prepared for deepfake attacks, even though 44% are expecting them. As AI-powered technologies make attacks more sophisticated, 59% of executives say that it is becoming more difficult for employees to identify real threats.
“In 2025, AI is forcing organisations to pivot once again,” said Theresa Lanowitz, Chief Evangelist of LevelBlue. “Our research shows that leaders are becoming more aware of the threats they face, and elevating cyber resilience measures accordingly. However, they still underestimate the potential risk of AI-powered cyberattacks and have extensive work ahead to properly prepare and protect themselves.”
Fortunately, enterprise alignment and awareness of cyber resilience have been a core focus over the past 12 months, with 45% of executives saying that cyber resilience is recognised as a whole company priority rather than simply a cybersecurity issue—an increase from 27% last year. Two-thirds (66%) of executives say their cybersecurity team is aligned with lines of business, while nearly half (43%) of executives within cyber resilient organisations report they are increasing boardroom engagement in resilience-related discussions—compared with 37% of executives overall. In turn, 79% of cyber-resilient organisations say their adaptive approach to cybersecurity enables their company to take greater risks with innovation.
Additional key findings include:
48% report needing to get better at defending against AI-powered cyber adversaries
41% of organisations say they are experiencing a significantly higher volume of attacks
61% of cyber resilient leaders have allocated a cybersecurity budget to new initiatives from the beginning, compared to 46% overall
53% of cyber resilient organisations are committing significant investment to advanced threat detection
68% say media reports of high-profile breaches have elevated cybersecurity on the C-suite agenda
The LevelBlue Futures Report recommends four specific steps to best achieve cyber resilience: Push cyber resilience up the organisation, embed cybersecurity responsibilities throughout the organisation, be proactive (not reactive), and prioritise resilience in the software supply chain.
