IT Professionals Brace for 2025 Threats as U.S. Businesses Face Growing AI-Enhanced Cyberattacks
September 2024 by GetApp
GetApp’s 6th Annual Data Security Report reveals that 37% of U.S. IT professionals view AI-enhanced attacks as their primary concern for 2025, with AI-enhanced malware cited as the top AI-generated threat by 60% of global IT professionals. While phishing and ransomware attacks remain prevalent and pervasive, the increasing sophistication of AI-augmented threats signals the need for businesses to prioritize new defensive strategies.
© Diego Cervo
This survey of 4,000 cybersecurity and IT professionals from 11 countries, including 500 U.S. IT professionals, uncovers five additional key trends and how to address them:
Ransomware remains a significant challenge, but recovery rates are improving.
In 2024, ransomware attacks affected 44% of U.S. companies, with 43% of those paying a ransom. However, 36% of businesses were able to recover their data without payment, indicating improvements in incident response and decryption capabilities.
Phishing is still widespread despite ongoing prevention efforts.
Phishing continues to plague businesses with 87% of U.S. organizations reporting phishing attempts in the past 12 months. Alarmingly, 74% of employees who received a phishing email clicked on malicious links, highlighting the ongoing need for security awareness training.
Cloud security vulnerabilities are a growing concern.
As more businesses adopt cloud solutions, 56% of data breaches in the U.S. were attributed to software vulnerabilities, emphasizing the importance of securing cloud-based infrastructure.
U.S. data breaches are below global averages, but risks remain high.
The U.S. fared better than its global counterparts in terms of data breaches, with 54% of businesses reporting them in 2024 compared to the global average of 62%. Despite this, over half of U.S. organizations still experienced a breach, underscoring the need for continued vigilance.
Multi-factor authentication (MFA) adoption rises as cyberthreats evolve.
Over half (51%) of U.S. companies have implemented MFA for all applications, higher than the global average of 44%. This increased use of MFA is helping businesses fend off some of the most damaging cyberattacks.
"Increased investments in MFA are certainly paying off, but AI is pushing cyberattacks into uncharted territory and businesses can’t afford to fall behind," says David Jani, security analyst at GetApp. "While efforts to mitigate risks like ransomware and phishing are improving, AI-driven threats require a faster, more adaptive approach. The companies that succeed in 2025 will be the ones that enhance their defenses now."