Further, more than 1 in 3 (38%) security professionals say ransomware will become even more dangerous when powered by AI
Ivanti, the enterprise software company that provides a comprehensive IT and security cloud-based platform, released its latest report, 2025 State of Cybersecurity Report: Paradigm Shift, which surveyed over 2,400 executive leaders and cybersecurity professionals to understand today’s most pressing cybersecurity threats. The research shows that ransomware is the top predicted threat for 2025, which is especially concerning given more than one in three (38%) security professionals say ransomware will become even more dangerous when powered by AI.
Also Read: Making Microsoft SQL Server HA and DR Completely Bulletproof
In comparison to the threat level, only 29% of security professionals say they are very prepared for ransomware attacks – leaving a significant gap in preparedness (29%), highlighting the need for more robust security measures. In today’s landscape, a more sophisticated and adaptable approach to cybersecurity is necessary, one that takes into account the trade-offs between business risk and reward, rather than solely focusing on absolute protection. Exposure management offers a more effective solution for managing and mitigating risk in this complex environment.
Ivanti’s research shows that the concept of exposure management is well understood; for example, 49% of security professionals say their company leaders possess a high level of understanding for exposure management. Yet, organizations are not taking steps to embrace the practice; just 22% say they are increasing investments in exposure management in 2025.
“Business leaders are now having to get used to considering the impact that cyber risk has on broader business risk. Exposure management is a tool to help organizations evaluate vulnerabilities and risks across a range of objectives – including business goals – to deliberately balance security and operations,” said Daniel Spicer, Chief Security Officer at Ivanti. “However, for exposure management to be successful, organizations should ensure collaboration between security and other departments, conduct risk assessments that align with the organization’s risk appetite, and prioritize mitigation of the most impactful vulnerabilities.”
Also Read: The Arbitrage Opportunity of Small Language Models: Unlocking AI Efficiency and Performance
Ivanti’s research identifies several key findings:
- Assessing Risk Tolerance: Even though 83% of security teams claim to have a documented framework for identifying risk tolerance, just over half (51%) of these individuals state that their current framework is not closely followed, rendering it nearly as ineffective as not having a framework at all.
- Tackling Tech Debt Concerns: Among security and leadership professionals, 1 in 3 say tech debt is a serious concern, which compromises security posture and hampers growth and innovation. For instance, 37% say they can’t uphold basic security practices, and 43% say their systems are more susceptible to security breaches due to accumulated tech debt.
- Data Silo Damages: Most organizations continue to operate in silos, leading to significant data blind spots — areas with insufficient data to make informed security decisions — which challenges managing security risks. For instance, 62% of respondents claim silos slow security response times and 53% note weakened security postures.
The report’s findings underscore the need for organizations to fully adopt exposure management, break down operational silos and tackle technical debt to enhance their security posture and support business growth. By fostering collaboration between security professionals and business leaders, and implementing comprehensive risk management strategies, organizations can drive resilience and maintain a competitive edge.
[To share your insights with us as part of editorial or sponsored content, please write to psen@itechseries.com]
