Insights on Cybersecurity from the Cisco 2025 Readiness Index

A double-blind survey conducted with 8,000 companies and cybersecurity leaders across 30 global markets

The growing complexity of threats in today’s digital landscape demands even more robust security preparedness across all industries. According to the latest Cisco 2025 Cybersecurity Readiness Index, organizations face alarming challenges despite increased investments in this critical area.

Based on a double-blind survey conducted with 8,000 companies and cybersecurity leaders across 30 global markets, the report provides a detailed analysis of how businesses are adapting to evolving threats. Representing sectors such as financial services, retail, technology services, and manufacturing, respondents shared their experiences and strategies for addressing contemporary digital risks.

Here are the key trends and lessons revealed in this report.

The Five Pillars of Cybersecurity Readiness

The Readiness Index evaluates organizations’ performance across five essential pillars of cybersecurity, which are critical for building a resilient posture: Identity Intelligence, Machine Trust, Network Resilience, Cloud Reinforcement, and AI Reinforcement. Each represents a key area of defense against the rise of cyber threats.

1. Identity Intelligence

Identity-based attacks dominate incidents, with cybercriminals targeting compromised user accounts for malicious purposes. Despite advancements in frameworks like Zero Trust, only 6% of companies achieve full maturity in identity protection.

To counter these sophisticated attacks, many organizations are adopting AI-driven solutions to strengthen identity security. Tools such as behavioral analysis and risk-based access analysis are gaining traction, but their overall adoption remains slow.

Developing a robust identity strategy, supported by AI, emerges as a major asset, although implementation complexity remains a recurring obstacle.

2. Machine Trust

Ensuring device integrity, especially in hybrid work environments, adds an extra layer of difficulty for cybersecurity teams. Only 12% of companies have reached maturity in securing machine trust, despite advancements in endpoint protection and anomaly detection.

With the rise of connected devices and unmanaged endpoints, companies are turning to automated, AI-powered solutions for real-time threat detection. However, gaps persist in deploying key solutions such as mobile device management (MDM) and machine update policies.

3. Network Resilience

Securing networks remains one of the most complex pillars, with only a 7% maturity rate recorded in 2025. Hybrid networks and cloud environments add complexity. The exploitation of old vulnerabilities continues, highlighting weaknesses in patch management.

However, the integration of AI is beginning to transform network defense, particularly in anomaly detection and encrypted traffic analysis. It is essential for companies to prioritize segmentation and micro-segmentation to reduce their attack surface and improve readiness.

4. Cloud Reinforcement

Cloud adoption has accelerated, but this pillar shows little progress in maturity, with only 4% of companies classified as mature in using advanced cloud solutions. Many still struggle to fully deploy hybrid Zero Trust architectures and apply consistent policies across platforms.

An increasing proportion of companies recognize the importance of AI-enhanced cloud defenses, but obstacles such as cost and complexity hinder implementation.

5. AI Reinforcement

AI is both an opportunity and a challenge for cybersecurity. While companies are increasingly using AI for threat intelligence and automation, trust in these systems remains limited. The report highlights that only 33% of organizations are comfortable fully automating their cybersecurity with AI.

The use of AI in detection (85%) and incident response (71%) is progressing. However, a significant divide remains: organizations are cautiously testing AI systems before any widespread deployment across their IT infrastructures.

Recommendations

To strengthen their readiness and anticipate emerging threats, the Cisco report offers the following recommendations for each pillar:

• Identity Intelligence: Define a solid identity security strategy, including full visibility, Zero Trust with password-less and/or multi-factor authentication, supported by AI-enhanced detections.
• Machine Trust: Implement a Zero Trust model to verify every user and device before granting network access. This model ensures trusted access and serves as both the first and last line of defense.
• Network Resilience: Give this pillar maximum attention and go beyond partial implementation to prepare networks for the AI era.
• Cloud Reinforcement: Move beyond fragmented strategies and invest in a unified, proactive model reinforced by AI.
• AI Reinforcement: Establish a robust strategy to secure both the use of AI technologies and the models on which they rely.

The Cisco 2025 Cybersecurity Readiness Index sharply reminds businesses to proactively address their security gaps. Each pillar is interconnected—whether it’s protecting identities, securing cloud infrastructures, or building trust in AI automation. Neglecting one dimension exposes organizations to significant risks.

Investing in automation, AI-driven tools, and comprehensive employee training will help companies combat increasingly sophisticated and complex digital risks. Bridging these gaps is not just about mitigating risks but also about strengthening resilience against ever-pressing digital threats.