Latest news with #2025DataThreatReport
Techday NZ
22-05-2025
- Business
- Techday NZ
Organisations boost AI security as data threats & risks evolve
Thales has released its 2025 Data Threat Report, showing that nearly 70% of surveyed organisations view the rapid development of artificial intelligence, particularly generative AI, as their primary security concern related to the technology's adoption. The survey, conducted by S&P Global Market Intelligence 451 Research, captured the opinions of more than 3,000 IT and security professionals across 20 countries and 15 industries, providing insight into current and emerging data security threats faced by businesses worldwide. The report indicates that three key concerns consistently emerged regarding artificial intelligence: the pace of development (cited as the leading risk by nearly seven in ten respondents), followed by questions over AI's integrity (64%), and its trustworthiness (57%). Spending on generative AI security has seen a marked increase since previous years. Seventy-three percent of respondents said their organisations were now investing in AI-specific security tools, with funding sourced either from new or existing budgets. Security for generative AI has risen to become the second highest security spending priority after cloud security. Eric Hanselman, Chief Analyst at S&P Global Market Intelligence 451 Research, described the pressures companies are facing. "The fast-evolving GenAI landscape is pressuring enterprises to move quickly, sometimes at the cost of caution, as they race to stay ahead of the adoption curve," he said. "Many enterprises are deploying GenAI faster than they can fully understand their application architectures, compounded by the rapid spread of SaaS tools embedding GenAI capabilities, adding layers of complexity and risk." The report highlights that organisations are adapting different strategies to address AI-related security challenges. Over two-thirds have obtained security tools directly from their cloud providers, while three in five are relying on established security vendors, and nearly half are working with startups specialising in this area. Adoption of generative AI is already well underway in many firms, with a third of surveyed organisations indicating that the technology is either being integrated into their operations or is actively transforming them. As agentic AI applications develop – those capable of decision-making or acting on data – the importance of ensuring data quality and security grows further. The risk environment for organisations, however, remains complex. Malicious software, or malware, continues to be reported as the most persistent attack vector since 2021. This year, phishing rose to become the second most common type of attack, while ransomware dropped to third place. The report notes a modest decline in the rates of reported data breaches: 56% of respondents experienced such an incident in 2021, compared to 45% in 2025. The percentage reporting a breach within the previous 12 months also fell, from 23% in 2021 to 14% in 2025. The report also details the shifting landscape of cyber threat actors. External sources, especially hacktivists and nation-state actors, are now seen as the most concerning, with human error falling to third place as a source of breaches in the current year's results. Quantum computing is generating increased concern among organisations regarding the security of encrypted data. The top quantum-related risk identified by 63% of respondents is the potential compromise of today's encrypted data – the fear that quantum computers could one day break through current or future encryption protocols, exposing sensitive information. Other major threats include vulnerabilities in encryption key distribution, cited by 61%, and the so-called "harvest now, decrypt later" risk, identified by 58%, relating to the collection of encrypted data today for decryption once quantum capabilities mature. The report found that half of surveyed organisations are reassessing their encryption strategies in response to these threats, and 60% are in the process of either prototyping or evaluating post-quantum cryptography solutions. Only one in three organisations reported that they trust telecoms or cloud providers to manage this transition. Todd Moore, Global Vice President, Data Security Products at Thales, commented on the findings: "The clock is ticking on post-quantum readiness. It's encouraging that three out of five organizations are already prototyping new ciphers, but deployment timelines are tight and falling behind could leave critical data exposed," he said. "Even with clear timelines for transitioning to PQC algorithms, the pace of encryption change has been slower than expected due to a mix of legacy systems, complexity, and the challenge of balancing innovation with security." The results of the 2025 Data Threat Report indicate that while there have been improvements in the overall security posture of organisations, further efforts will be required to fully address the risks and operational demands posed by emerging technologies such as generative AI and quantum computing.
Techday NZ
20-05-2025
- Business
- Techday NZ
Organisations prioritise AI security as GenAI adoption accelerates
Thales has published the findings of its 2025 Data Threat Report, identifying that nearly 70% of organisations consider the rapid progression of artificial intelligence, particularly generative AI, as the primary security concern associated with its adoption. The report, produced in partnership with S&P Global Market Intelligence 451 Research, is based on a survey of over 3,100 IT and security professionals across 20 countries and 15 industries. It highlights that, beyond the speed of AI development, 64% of respondents cited concerns around AI integrity, while 57% pointed to questions regarding the trustworthiness of these technologies. The survey results reflect a significant shift in how organisations are engaging with generative AI, with one third of respondents indicating that it is either being integrated or is actively transforming their operations. According to the report, as agentic AI increases in prominence and is relied upon to make decisions and generate content, the overall quality and sensitivity of data involved becomes ever more crucial to ensure sound outputs and organisational security. The research found that organisations are moving from experimenting with GenAI to operational deployment. However, this transition brings greater security risks. The findings suggest that many organisations are not waiting to secure their systems or fully optimise their technology stacks prior to implementing GenAI, potentially exposing themselves to vulnerabilities. Eric Hanselman, Chief Analyst at S&P Global Market Intelligence 451 Research, commented, "The fast-evolving GenAI landscape is pressuring enterprises to move quickly, sometimes at the cost of caution, as they race to stay ahead of the adoption curve. Many enterprises are deploying GenAI faster than they can fully understand their application architectures, compounded by the rapid spread of SaaS tools embedding GenAI capabilities, adding layers of complexity and risk." With the growing recognition of the risks associated with AI, 73% of surveyed organisations report investing in AI-specific security tools—either by allocating new budgets or by adjusting existing ones. Security for generative AI has become the second highest priority for IT security spending, second only to cloud security, the report found. Organisations are adopting a range of solutions: more than two-thirds have obtained tools from cloud providers, three in five are employing established security vendors, and nearly half are considering options from start-up firms. This year's report also tracks a modest reduction in the rate of data breaches. In 2021, 56% of organisations surveyed reported having experienced a breach, but this has declined to 45% in 2025. The share of organisations reporting a breach in the preceding 12 months has dropped from 23% in 2021 to 14% in 2025, according to the survey data. In terms of threats, malware remains the most prevalent attack method since 2021, while phishing has moved to second place, surpassing ransomware, which now ranks third. When analysing threat actors, external sources—namely hacktivists and nation-state actors—are reported as most concerning. Human error, though still significant, has dropped to third position in perceived threat sources. Quantum computing was identified as a further emerging concern, with 63% of respondents pointing to the potential risk that quantum technologies could eventually compromise both current and future encryption standards. There is also anxiety around key distribution vulnerabilities (cited by 61%) and the "harvest now, decrypt later" threat (raised by 58%), whereby intercepted encrypted data might be decrypted at a future date when quantum resources become more widely available. In response, half of the organisations surveyed are currently evaluating their encryption strategies to address quantum risks, and 60% are either prototyping or assessing post-quantum cryptography solutions. Only a third reported relying on their telecommunications or cloud providers to facilitate the transition to post-quantum security standards. Todd Moore, Global Vice President, Data Security Products at Thales, said, "The clock is ticking on post-quantum readiness. It's encouraging that three out of five organisations are already prototyping new ciphers, but deployment timelines are tight and falling behind could leave critical data exposed. Even with clear timelines for transitioning to PQC algorithms, the pace of encryption change has been slower than expected due to a mix of legacy systems, complexity, and the challenge of balancing innovation with security." The 2025 Thales Data Threat Report concludes that, while improvements in security postures are evident, further steps are necessary to adapt operational data security measures for evolving technologies such as generative AI and to mitigate risks around the adoption of emerging technology across industries.
