SecurityBrief India - Technology news for CISOs & cybersecurity decision-makers
India
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware
Search
Story image
#
Malware
#
Ransomware
#
DevOps

Fortra's 2025 cybersecurity survey: key risk findings

Today
Author image
By Shannon Williams, Journalist

Fortra has unveiled the findings of its 2025 State of Cybersecurity Survey, highlighting significant shifts in perceived risks and cybersecurity strategies worldwide.

The survey sheds light on prevalent concerns among security professionals, with phishing and smishing topping the list at 83%, followed by malware and ransomware at 71%, social engineering at 60%, accidental data loss and leakage at 58%, and evolving technologies like generative AI at 50%. The concern over evolving technology has risen by 15% compared to 2024, attributed to the rapid emergence of AI-driven sites and services.

Security professionals are gearing up to address these challenges by prioritising closing security gaps (77%), enhancing security culture and awareness (75%), and mitigating outsider threats such as phishing and malware (73%) over the next six to twelve months.

"Phishing continues to be the most pervasive daily threat for companies around the world," stated Matt Reck, CEO of Fortra. "In fact, this attack vector is often the source of malware and ransomware, which seventy-one percent of these security professionals also identified as a top risk."

Constraints on budgets compound the challenges for security leaders as they attempt to balance evolving cybersecurity needs. A notable 45% indicated a skills gap, an increase of six percentage points from 2024, signalling a growing reliance on managed services. Outsourcing practices are gaining traction, with 60% looking to outsource penetration testing, 56% for email security and anti-phishing, and 47% for vulnerability management, thus reducing the operational load on in-house teams. This shift helps meet compliance standards such as GDPR, PCI DSS, and HIPAA, allowing staff to focus on strategic projects.

"These survey insights remind us that cybersecurity fundamentals remain essential to put threat actors on the defensive," remarked Reck. "This means educating employees about how to spot and thwart phishing attempts and bolstering SOCs with automation to simplify the routine daily tasks associated with security diligence. We know threat actors look to AI as well as dark web capabilities to devise and launch new attacks. Organizations must be ready."

A notable change in this year's survey is the reduced perception of the threat posed by zero-day attacks, which exploit unknown vulnerabilities. The percentage of respondents identifying this risk as a top-five concern fell to 38% from 50% the previous year.

The 2025 State of Cybersecurity Survey captures insights from a diverse range of professionals across numerous roles and industries, with the dominant sectors being technology, finance, government, manufacturing, and healthcare. Participants span various regions, including the United States, Europe, Canada, the Middle East, Africa, Asia, India, Latin America, Australia, New Zealand, and the Caribbean.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
New SparkCat Trojan targets AppStore & Google Play users
Advisory dispels myths threatening organisational security
WatchGuard joins AWS ISV Accelerate Program for growth
Proofpoint named Governance leader in 2025 Gartner Magic Quadrant
Cyber threats to Microsoft 365 via HTTP client tools surge
Top stories
Harness & Traceable merge to lead in AI-driven DevSecOps
Proofpoint named a Leader in 2025 Gartner Magic Quadrant
Only 14% balance data security with business goals
Cybercrime surges as global threat to national security
Akamai unveils comprehensive cybersecurity guide for 2025