2025 Thales Data Threat Report Reveals Nearly 70% of Organizations Identify AI's Fast-Moving Ecosystem as Top GenAI-Related Security Risk
MEUDON, France--(BUSINESS WIRE)-- Thales today announced the release of the 2025 Thales Data Threat Report, its annual report on the latest data security threats, trends, and emerging topics based on a survey conducted by S&P Global Market Intelligence 451 Research of more than 3,100 IT and security professionals in 20 countries across 15 industries. This year's report found that nearly 70% of organizations view the rapid pace of AI development 1 —particularly in generative AI—as the leading security concern related to its adoption, followed by lack of integrity (64%) and trustworthiness (57%).
'The clock is ticking on post-quantum readiness. It's encouraging that three out of five organizations are already prototyping new ciphers, but deployment timelines are tight and falling behind could leave critical data exposed.' - Todd Moore at Thales
The 2025 Thales Data Threat Report results reveal a major focus on the transformative impact of AI, especially GenAI, which relies heavily on high-quality, sensitive data for functions like training, inference, and content generation. As agentic AI emerges, ensuring data quality becomes even more critical for enabling sound decision-making and actions by AI systems. Many organizations are already adopting GenAI, with a third of respondents indicating it is either being integrated or is actively transforming their operations.
Organizations Embrace GenAI, Taking on Greater Security Risks Amid Rapid Adoption
As GenAI introduces complex data security challenges and offers strategic opportunities to strengthen defenses, its growing integration marks a shift among organizations from experimentation to more mature, operational deployment. While most respondents said rapid adoption of GenAI is their top security concern, respondents in the more advanced stages of AI adoption aren't waiting to fully secure their systems or optimize their tech stacks before forging ahead. Because the drive to achieve rapid transformation often outweighs efforts to strengthen organizational readiness, these organizations may be inadvertently creating their own biggest security vulnerabilities.
'The fast-evolving GenAI landscape is pressuring enterprises to move quickly, sometimes at the cost of caution, as they race to stay ahead of the adoption curve,' Eric Hanselman, Chief Analyst at S&P Global Market Intelligence 451 Research, said. 'Many enterprises are deploying GenAI faster than they can fully understand their application architectures, compounded by the rapid spread of SaaS tools embedding GenAI capabilities, adding layers of complexity and risk.'
Seventy-three percent of respondents report investing in AI-specific security tools, either through new budgets or by reallocating existing resources. Those prioritizing AI security are diversifying their approaches: over two-thirds have acquired tools from their cloud providers, three in five are leveraging established security vendors, and nearly half are turning to new or emerging startups. Notably, security for generative AI has quickly risen as a top spending priority, securing the second spot in ranked-choice voting, just behind cloud security. This shift underscores the growing recognition of AI-driven risks and the need for specialized defenses to mitigate them.
Data Breaches Show Modest Decline, Though Threats Remain Elevated
While data breaches remain a significant concern, their frequency has slightly decreased over the past few years. In 2021, 56% of surveyed enterprises reported experiencing a breach, but that figure has dropped to 45% in 2025. Additionally, the percentage of respondents reporting a breach within the last 12 months has fallen from 23% in 2021 to just 14% in 2025.
Malware continues to lead as the most prevalent threat, maintaining its top position since 2021. Phishing climbed to second place, overtaking ransomware, which now ranks third. When it comes to the most concerning threat actors, external sources dominate—hacktivists hold the top spot, followed by nation-state actors. Human error, while still significant, has dropped to third, down one position from the previous year.
Vendors Pressed on Post-Quantum Readiness as Encryption Strategies Are Reassessed
The 2025 Thales Data Threat Report reveals that most organizations are increasingly concerned about quantum-related security risks. The top threat, cited by 63% of respondents, is future encryption compromise—the risk that quantum computers could eventually break current or future encryption algorithms, exposing data once considered secure. Close behind, 61% identified key distribution vulnerabilities, where quantum advancements could undermine the secure exchange of encryption keys. Additionally, 58% highlighted the 'harvest now, decrypt later' (HNDL) threat, where encrypted data intercepted today could be decrypted in the future. In response, half of organizations are assessing their encryption strategies, and 60% are actively prototyping or evaluating post-quantum cryptography (PQC) solutions. Only one-third, however, are placing their trust in telecom or cloud providers to manage the transition.
'The clock is ticking on post-quantum readiness. It's encouraging that three out of five organizations are already prototyping new ciphers, but deployment timelines are tight and falling behind could leave critical data exposed,' Todd Moore, Global Vice President, Data Security Products at Thales, said. 'Even with clear timelines for transitioning to PQC algorithms, the pace of encryption change has been slower than expected due to a mix of legacy systems, complexity, and the challenge of balancing innovation with security.'
While this year's survey results indicate improvements in security posture, much more is needed to elevate operational data security to fully support the capabilities of emerging technologies such as GenAI and to pave the way for future innovations.
For more information please join our webinar hosted by Eric Hanselman, Chief Analyst at S&P Global 451 Research.
About Thales
Thales (Euronext Paris: HO) is a global leader in advanced technologies for the Defence, Aerospace, and Cyber & Digital sectors. Its portfolio of innovative products and services addresses several major challenges: sovereignty, security, sustainability and inclusion.
The Group invests more than €4 billion per year in Research & Development in key areas, particularly for critical environments, such as Artificial Intelligence, cybersecurity, quantum and cloud technologies.
Thales has more than 83,000 employees in 68 countries. In 2024, the Group generated sales of €20.6 billion.
Cybersecurity Solutions | Thales Group
1 This finding relates to the fast changes in the GenAI ecosystem which encompasses the full set of vendors and technologies in GenAI.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Business Wire
29 minutes ago
- Business Wire
Angel or Adversary: Deep Instinct Research Highlights the Double-Edged Sword of AI in Cybersecurity
NEW YORK--(BUSINESS WIRE)-- Deep Instinct, the preemptive data security company built on the first and only AI-based deep learning framework for cybersecurity, today released the sixth edition of its Voice of SecOps Report, which delves into the growing influence of AI in business, with a focus on its impact on Security Operations (SecOps). While AI adoption is accelerating, the findings uncover a more complex reality: security teams are limited by knowledge gaps, inconsistent implementation, and mounting operational pressures as they face an increasingly treacherous, AI-driven threat landscape. The research, ' Cybersecurity & AI: Promises, Pitfalls – and Prevention Paradise,' found that nearly three-quarters (72%) of organizations have revised their cybersecurity strategies over the past year due to AI, and a whopping 86% have increased their use of AI within SecOps. Despite the investments, two-thirds of respondents were confused about fundamental AI definitions, with 38% unable to differentiate between machine learning and deep learning – signaling an alarming knowledge gap in the industry. Additional key findings from the report include the following: AI-Powered Cyber Threats Drive a Focus on Prevention As cybercriminals build and adopt AI tools, the nature and scale of attacks have drastically evolved and expanded. Nearly half (46%) of organizations experienced an uptick in targeted phishing attacks, while 43% reported deepfake impersonation attempts. Attacks on local or cloud storage were also a growing concern, cited as a top risk by 83% of respondents, second only to phishing (84%). In response to these AI-powered attacks, 82% of organizations say they have shifted toward a prevention-first security strategy, with 64% noting a direct push from the C-suite to adopt more proactive defense measures. Benefits of AI in Cybersecurity Roles Are Clear, Yet It Unexpectedly Contributes to Burnout SecOps teams appear to be reaping the benefits of AI, with 76% stating it makes their roles easier while saving security teams an average of 12 hours per week on manual processes. However, while GenAI may be simplifying some aspects of SecOps workloads, nearly 70% of security professionals believe AI also contributes to burnout. Regulatory complexity adds another layer of strain, with 32% citing difficulties in keeping up with increasing AI-related policies, and an additional 37% fearing AI-related regulations are a financial penalty waiting to happen. Preemptive Data Security: The New Imperative In the face of mounting threats, operational burnout, and AI confusion, preemptive data security – a subset of Gartner's recently introduced preemptive cybersecurity market category – offers a definitive path forward. By harnessing the power of deep learning to prevent threats before they execute, organizations will reduce risk, ease the burden on SecOps teams, and stay ahead of relentless adversaries. 'The traditional 'detect and respond' cybersecurity model is broken – it's reactive, expensive, and no match for AI-powered threats,' said Lane Bess, CEO of Deep Instinct. 'To win this fight, cybersecurity teams must shift from chasing threats to preventing them. Preemptive data security – powered by deep learning, the most advanced form of AI – is the only way for SecOps teams to regain control and stay ahead of adversaries.' To get the full report and download past Voice of SecOps reports, please visit s. Then register for our webinar, Cybersecurity & AI: Promises, Pitfalls – and Prevention Paradise (2025 Voice of SecOps Research), to learn about the top findings from this year's report. Survey Methodology Sapio Research surveyed 500 senior cybersecurity experts from companies with 1000+ employees in the U.S. The interviews were conducted online in April 2025 using an email invitation and an online survey. Respondents worked at organizations that operated in either financial services, technology, manufacturing, retail, healthcare, public sector, or critical infrastructure (such as telecoms, energy, utilities, and transportation). For this specific report, the C-suite is defined as those who hold chief, global, head of department, or director roles, while reports are those who hold a manager, administrator, analyst, team lead, or officer role. About Deep Instinct Deep Instinct, the first and only preemptive data security company built on a deep learning cybersecurity framework, prevents unknown threats in <20 milliseconds, 750X faster than the fastest ransomware can encrypt. Deep Instinct Data Security X (DSX) secures data at-rest or in-motion – across cloud, NAS, applications, and endpoints. DSX Brain, Deep Instinct's deep learning framework, prevents zero-day threats that no one else can find, with >99% accuracy and a <0.1% false positive rate. DIANNA, the DSX Companion, leverages GenAI to provide unparalleled explainability into unknown threats in <10 seconds. For more, visit
Yahoo
29 minutes ago
- Yahoo
ETFs to Bet On as NVIDIA Reclaims Market Cap Crown
NVIDIA NVDA reclaimed the position of the world's most valuable company, boasting a market capitalization of $3.45 trillion. The AI darling surpassed Microsoft MSFT, after a meteoric run driven by unrelenting demand for its artificial intelligence (AI) hardware. The milestone isn't just a symbolic victory. It signals a deeper shift in how investors are valuing the future of technology, placing AI infrastructure at the very core (read: NVIDIA Reclaims $3 Trillion: ETFs to Bet On). Since bottoming at just over $94 in early April, NVIDIA stock has soared nearly 50%, adding over $1 trillion in market cap in less than two months. That rally was supercharged by robust first-quarter earnings, continued strength in AI chip demand and major expansion with U.S. export restrictions limiting sales to China, NVIDIA has managed to accelerate delivery of its cutting-edge Blackwell AI servers to core customers like Microsoft and other hyperscalers. This is not just resilience, it's strategic dominance. Though the AI darling lagged the Zacks Consensus Estimate, it reported record-breaking revenues largely driven by a booming data center business and incredible demand for its latest AI chips. Data Center revenues, which account for much of NVIDIA's revenues, jumped 73% year over year to $39.1 billion (read: ETFs to Buy After NVIDIA's Q1 Earnings Miss, Record Revenues). The demand for NVIDIA's AI chips, especially for large cloud providers and AI supercomputing, continues to surge. NVIDIA is building factories in the United States and working with its partners to produce AI supercomputers. NVIDIA CEO Jensen Huang said, "Countries around the world are recognizing AI as essential infrastructure – just like electricity and the internet – and NVIDIA stands at the center of this profound transformation." Its chief financial officer, Colette Kress, said that Microsoft has 'deployed tens of thousands of Blackwell GPUs and is expected to ramp to hundreds of thousands' of the company's GB200 product, due largely to its partnership with OpenAI. NVIDIA is also accelerating its global expansion. It recently announced plans to build AI factories in the United States and Saudi Arabia and launched the Stargate UAE AI infrastructure cluster in Abu Dhabi. Furthermore, NVIDIA has expanded collaborations with major cloud providers, including Oracle, Google, and Microsoft. Its Blackwell-based cloud instances are now available on AWS, Google Cloud, Microsoft Azure and Oracle Cloud Jensen Huang revealed the company is considering the development of a new AI chip designed specifically for the Chinese market. The move comes in response to expanded U.S. government export controls that have effectively blocked the sale of NVIDIA's H20 chips — part of its high-performance Hopper series — to China. With the massive gains, NVIDIA is back in positive territory for the year, gaining 5%. The stock is currently trading at a P/E ratio of 32.40, slightly lower than 32.80 for the Semiconductor - General industry. Analysts remain optimistic about the chipmaker's growth prospects, citing strong demand for AI chips and strategic international partnerships. Further, the stock is currently trading at a PEG ratio of 1.15, much lower than the industry average of 2.18. The lower the PEG ratio, the better the value, as investors would pay less for each unit of earnings. While there are many ETFs in the space that could capitalize on the solid growth of NVIDIA, we have highlighted those that have the largest allocation to the AI chipmaker. Strive U.S. Semiconductor ETF (SHOC) – NVIDIA exposure: 23.3%VanEck Vectors Semiconductor ETF (SMH) – NVIDIA exposure: 21.5%VanEck Fabless Semiconductor ETF (SMHX) - NVIDIA exposure: 21.2%YieldMax Target 12 Semiconductor Option Income ETF (SOXY) - NVIDIA exposure: 19.8%Columbia Select Technology ETF (SEMI) - NVIDIA exposure: 17.6% Risk-aggressive investors could bet on single-stock ETFs with 200% exposure to NVIDIA. These include the T-REX 2X Long NVIDIA Daily Target ETF NVDX and the GraniteShares 2x Long NVDA Daily ETF NVDL (read: Guide to the 10 Most Popular Leveraged ETFs). Want the latest recommendations from Zacks Investment Research? Today, you can download 7 Best Stocks for the Next 30 Days. Click to get this free report Microsoft Corporation (MSFT) : Free Stock Analysis Report NVIDIA Corporation (NVDA) : Free Stock Analysis Report This article originally published on Zacks Investment Research ( Zacks Investment Research
Associated Press
36 minutes ago
- Associated Press
Reddit sues AI company Anthropic for allegedly 'scraping' user comments to train chatbot Claude
Social media platform Reddit has sued the artificial intelligence company Anthropic, alleging that it is illegally 'scraping' the comments of Reddit users to train its chatbot Claude. Reddit claims that Anthropic has used automated bots to access Reddit's content despite being asked not to do so, and 'intentionally trained on the personal data of Reddit users without ever requesting their consent.' Anthropic didn't immediately return a request for comment Wednesday. The claim was filed Wednesday in the Superior Court of California in San Francisco. 'AI companies should not be allowed to scrape information and content from people without clear limitations on how they can use that data,' said Ben Lee, Reddit's chief legal officer, in a statement Wednesday. Reddit has previously entered licensing agreements with Google, OpenAI and other companies to enable them to train their AI systems on Reddit commentary. Those agreements 'enable us to enforce meaningful protections for our users, including the right to delete your content, user privacy protections, and preventing users from being spammed using this content,' Lee said.
