Nearly all businesses exhibit low preparedness against cyber threats, asserts Cisco
The Cisco Cybersecurity Readiness Index for 2025 reveals that only around 30% of companies worldwide have reached a 'mature' or 'progressive' level of cybersecurity readiness to tackle current threats, including those posed by artificial intelligence (AI) [1][2]. This limited level of preparedness is consistent across various regions and industries, indicating a broad challenge in keeping pace with the rapidly evolving threat landscape dominated by AI-driven attacks.
### Current Cybersecurity Readiness Levels
In the UAE, 30% of organizations are considered mature or progressive in cybersecurity readiness, marking some improvement but still indicating substantial gaps [2]. South African organizations show high adoption of AI for cybersecurity functions, with 92% using AI to understand threats, 89% for threat detection, and over 80% for response and recovery, reflecting a progressive approach in these sectors [4].
### AI-Related Threats
A large majority of organizations, such as 93% in the UAE, reported facing AI-related cybersecurity incidents in the past year, highlighting the rapid escalation of AI-powered attack methods [2]. Common cyberattack types include malware (76%), phishing (59%), data breaches (47%), and ransomware (39%), many now enhanced or executed using AI techniques [2].
### Key Challenges Identified
A significant awareness gap exists, with only 62% of organizations believing their employees fully understand AI-related cybersecurity threats, and only 57% feeling their teams grasp how malicious actors use AI for sophisticated attacks [2]. Complex and siloed security frameworks hinder effective defense, with many organizations struggling to integrate AI-driven security measures cohesively [2].
### Strategies for Improvement and AI Integration
Organizations are increasingly using AI not just to detect threats but also to automate response and recovery processes, which is viewed as essential for enhancing security resilience [4]. Improving employee training on AI threats and malicious AI use is critical to close knowledge gaps. Simplifying and streamlining security architectures by moving away from fragmented point solutions towards integrated AI-driven platforms is recommended [2]. Addressing talent shortages in cybersecurity expertise, particularly in AI, is a key priority. Prioritizing patching and remediation of known vulnerabilities, especially those affecting cloud deployments, is urgent to prevent AI-exploited breaches [3].
### Expert Insights
Fady Younes, Managing Director for Cisco Cybersecurity in the Middle East and surrounding regions, stresses that AI brings unprecedented risks that require enhanced AI-based defense systems, streamlined security architectures, and prioritization of digital resilience to thrive in the AI era [2].
In summary, while AI is increasingly central to both cyber threats and defenses, most industries remain only partially ready. The Cisco Cybersecurity Readiness Index points to the urgent need for comprehensive AI-focused strategies, improved workforce education, integrated security frameworks, and proactive vulnerability management to bridge this cybersecurity readiness gap effectively. Signing up for Cisco's daily newsletter provides a free copy of their Future Focus 2025 report.
- To improve cybersecurity readiness levels, especially in the face of AI-driven threats, organizations in the UAE and beyond are recommended to prioritize employee training on AI-related threats, streamline security architectures, and address talent shortages in cybersecurity expertise, with a particular focus on AI.
- In the rapidly evolving landscape of data-and-cloud-computing, where AI poses significant threats, the adoption of AI by South African organizations for cybersecurity functions, such as understanding threats, threat detection, response, and recovery, is reflective of a progressive approach in these sectors.
- Achieving a high level of cybersecurity readiness, including tackling AI threats, necessitates not only integrating AI-driven security measures cohesively into existing networking infrastructure but also automating response and recovery processes using technology like cloud computing.
