The concern extends beyond speed. A significant number of respondents also raised red flags about the reliability and ethical grounding of AI systems. Around 64% expressed fears about a lack of integrity in AI outputs, while 57% cited trustworthiness as a major concern. These issues become even more pressing with generative AI, which relies heavily on large volumes of high-quality and often sensitive data to function effectively. With more autonomous AI systems emerging, the importance of data quality and secure handling grows significantly.
Despite these risks, adoption of generative AI continues to accelerate across industries. About one-third of enterprises report they are already integrating or transforming operations using generative AI. This growing reliance on AI is creating an environment where data is both a critical enabler and a significant risk factor. Organizations are now forced to manage this dual reality, navigating a complex threat landscape while trying to maximize the advantages of AI innovation.
Many businesses are pressing forward without fully locking down their systems. While generative AI is seen as a major security challenge, the rush to deploy often outpaces the necessary steps for ensuring infrastructure readiness. This trend may be introducing vulnerabilities that are not being adequately addressed, especially with the rising use of SaaS tools embedded with AI capabilities, which can add hidden layers of complexity.
Encouragingly, a majority of organizations are investing in solutions tailored to AI-specific risks. Around 73% are directing funds toward AI-focused security tools, with some allocating new budgets and others repurposing existing ones. Companies are taking a diversified approach—leveraging cloud service providers, traditional security vendors, and startups offering niche solutions—to counteract these emerging risks.
Generative AI has now become a top concern for cybersecurity spending, ranking just behind cloud security. This development underscores the growing recognition of the threat AI represents and the urgency to implement effective, specialized defense mechanisms. It also illustrates a strategic shift in how organizations are prioritizing and allocating resources to protect sensitive information.
On the topic of data breaches, the report delivers a cautiously optimistic update. While breaches remain a core concern, their frequency has seen a modest decline. In 2021, 56% of surveyed organizations reported experiencing a breach. That number has decreased to 45% in the current report. Additionally, breaches reported within the last 12 months dropped from 23% in 2021 to 14% now. Despite this improvement, malware continues to dominate as the most common form of attack, followed by phishing, which has now overtaken ransomware.
External threats are currently seen as the most dangerous, with hacktivists and nation-state actors topping the list. Meanwhile, human error, once a primary concern, has slipped to third place in terms of perceived threat level. This shift reflects a broader understanding of how external adversaries are becoming increasingly skilled and well-resourced.
Quantum computing presents another serious and growing challenge. The potential for future quantum systems to break current encryption methods is alarming for many security professionals. In the report, 63% of respondents identified the risk of encryption compromise as their top quantum-related concern. Additionally, 61% pointed to vulnerabilities in key distribution mechanisms, and 58% highlighted the risk of “harvest now, decrypt later” attacks, where encrypted data is stored for future decryption using quantum technology.
To address these quantum threats, many organizations are re-evaluating their current encryption strategies. Approximately 60% are testing or prototyping post-quantum cryptographic solutions. Yet, trust in external partners remains limited, with only a third of respondents expressing confidence in their telecom or cloud vendors to handle the transition effectively. The slow pace of encryption evolution is attributed to legacy systems, technical complexities, and the challenge of aligning innovation with risk management.
The landscape for data protection is changing rapidly. Enterprises must not only build robust systems to handle the challenges of generative AI but also lay the groundwork for defending against quantum-powered threats. The time to act is now, as the future of cybersecurity hinges on the speed and foresight with which organizations respond to these transformative technologies.
