Arctic Wolf has published findings from its State of Cybersecurity: 2025 Trends Report, offering insights from a global survey of more than 1,200 senior IT and cybersecurity decision-makers across 15 countries. Conducted by Sapio Research, the report captures the realities, risks, and readiness strategies shaping the modern security landscape.
The research reveals a shifting risk environment, with artificial intelligence (AI) and large language models (LLMs) emerging as the top concern for security leaders. For the first time, AI, including tools such as LLMs, has overtaken ransomware as the most pressing issue. While organizations are making substantial cybersecurity investments, the report also highlights persistent challenges including limited visibility, outdated incident response plans, and budget pressures.
Key findings from the report include:
AI Surpasses Ransomware as the Top Concern: 29% of security leaders cited AI, LLMs, and privacy issues as their number one concern, surpassing ransomware, malware, and data extortion (21%).
Breaches are Common and Transparency is Improving: 52% of respondents confirmed a breach in the past year (up from 48%), with 97% of known breaches disclosed. This indicates progress in regulatory compliance and incident transparency.
Significant Attacks Remain Widespread: 70% of organizations experienced at least one significant cyber attack in 2024, with malware and business email compromise being the most common.
Professional Ransomware Negotiators Reduce Payouts: Among those hit by ransomware, 76% paid. Of those, 90% engaged a professional negotiator, which led to reduced payments in more than half of the cases.
Endpoint Tools Are Widely Deployed but Visibility Lags: While 84% use next-generation endpoint security solutions, only 40% say they have 100% coverage and expect to maintain it.
“Arctic Wolf’s 2025 Trends Report offers a telling snapshot of how security leaders are thinking,” said Dan Schiappa, president, Technology and Services, Arctic Wolf. “AI’s rapid emergence is creating new uncertainty, not only in how attackers operate but also in how defenders must respond. At the same time, ransomware remains a persistent and costly threat. As organizations race to implement AI-powered tools, it is critical they also do not lose sight of core security fundamentals like patching vulnerabilities, implementing detection and response, and maintaining a current incident response plan.”
