In accordance with Thales, AI and quantum threats have catapulted to the highest of the fear record for organisations wrestling with knowledge safety. That’s the important thing takeaway from the cybersecurity large’s 2025 Knowledge Menace Report, an annual deep dive into the most recent knowledge safety threats, rising tendencies, and scorching subjects.
This yr’s findings are stark: virtually seven out of ten organisations now see the sheer pace of AI growth – particularly the place generative AI is worried – because the primary safety headache associated to its adoption. This anxiousness isn’t nearly tempo; it’s additionally fed by considerations over a elementary lack of integrity in AI programs (flagged by 64% of these surveyed) and a troubling deficit in trustworthiness (a fear for 57%).
Generative AI is a data-hungry beast, relying closely on high-quality, typically delicate, data for core features like coaching fashions, making inferences, and, after all, producing content material.
As we make fast developments in “agentic AI” – programs that may act extra autonomously – the stress to make sure knowledge high quality is excessive calibre turns into much more vital. In any case, sound decisionmaking and dependable actions from AI programs rely completely on the information they’re fed.
Many organisations are already diving in, with a 3rd of respondents indicating generative AI is both being actively built-in or is already a pressure for transformation inside their operations.
Safety threats enhance as organisations embrace generative AI
As generative AI throws up a posh net of knowledge safety challenges whereas concurrently providing strategic avenues to bolster defences, its rising integration indicators a definite shift. Companies are transferring past simply dipping their toes within the AI water; they’re now extra mature, operational deployments.
Apparently, whereas most respondents tabbed the swift uptake of GenAI as their largest safety concern, these additional alongside the AI adoption curve aren’t hitting the pause button to utterly lock down their programs or fine-tune their tech stacks earlier than forging forward. This sprint for fast transformation – typically overshadowing efforts to make sure organisational readiness – may imply these corporations are, maybe unwittingly, creating their very own most critical safety weak spots.
Eric Hanselman, Chief Analyst at S&P International Market Intelligence 451 Analysis, stated: “The fast-evolving GenAI panorama is pressuring enterprises to maneuver shortly, typically at the price of warning, as they race to remain forward of the adoption curve.
“Many enterprises are deploying GenAI quicker than they’ll totally perceive their software architectures, compounded by the fast unfold of SaaS instruments embedding GenAI capabilities, including layers of complexity and danger.”
On a extra optimistic word, 73% of respondents report they’re placing cash into AI-specific safety instruments to counter threats, both by means of recent budgets or by reshuffling present sources. These making AI safety a precedence are additionally diversifying their approaches: over two-thirds have sourced instruments from their cloud suppliers, three in 5 are turning to established safety distributors, and virtually half want to new or rising startups for options.
What’s notably telling is how shortly safety for generative AI has climbed the spending charts, nabbing the second spot in ranked-choice voting, simply pipped to the publish by the perennial concern of cloud safety. This shift powerfully underscores the rising recognition of AI-driven dangers and the pressing want for specialised defences to counter them.
Knowledge breaches present modest decline, although threats stay elevated
Whereas the nightmare of an information breach nonetheless looms massive for a lot of, their reported frequency has really dipped barely over the previous few years.
Again in 2021, 56% of enterprises surveyed stated they’d skilled a breach in some unspecified time in the future; that determine has eased to 45% within the 2025 report. Delving deeper, the share of respondents reporting a breach inside the final 12 months has dropped from 23% in 2021 to a extra encouraging 14% in 2025.
In relation to the persistent villains of the risk panorama, malware continues to steer the pack, holding onto its prime spot since 2021. Phishing has craftily climbed into second place, nudging ransomware down to 3rd.
As for who’s inflicting probably the most concern, exterior actors dominate: hacktivists are presently seen as the first menace, adopted by nation-state actors. Human error, while nonetheless a major issue, has slipped to 3rd, down one place from the earlier yr.
Distributors pressed on readiness for quantum threats
The 2025 Thales Knowledge Menace Report additionally casts a revealing gentle on the rising unease inside most organisations about quantum-related safety dangers.
The highest risk right here, cited by a hefty 63% of respondents, is the looming hazard of “future encryption compromise.” That is the unsettling prospect that highly effective quantum computer systems may sooner or later shatter present and even future encryption algorithms, exposing knowledge beforehand considered securely locked away.
Scorching on its heels, 61% recognized key distribution vulnerabilities, the place quantum breakthroughs may undermine the strategies we use to securely change encryption keys. Moreover, 58% highlighted the “harvest now, decrypt later” (HNDL) risk – a chilling state of affairs the place encrypted knowledge, scooped up immediately, might be decrypted by highly effective quantum machines sooner or later.
In response to those gathering clouds, half of the organisations surveyed are taking a tough take a look at their present encryption methods with 60% already prototyping or evaluating post-quantum cryptography (PQC) options. Nonetheless, it appears belief is a scarce commodity, as solely a 3rd are pinning their hopes on telecom or cloud suppliers to navigate this complicated transition for them.
Todd Moore, International VP of Knowledge Safety Merchandise at Thales, commented: “The clock is ticking on post-quantum readiness. It’s encouraging that three out of 5 organisations are already prototyping new ciphers, however deployment timelines are tight and falling behind may depart vital knowledge uncovered.
“Even with clear timelines for transitioning to PQC algorithms, the tempo of encryption change has been slower than anticipated resulting from a mixture of legacy programs, complexity, and the problem of balancing innovation with safety.”
There’s clearly much more work to be executed to get operational knowledge safety actually up to the mark, not simply to assist the superior capabilities of rising applied sciences like generative AI, but additionally to put down a safe basis for no matter threats are simply across the nook.
(Picture by Pete Linforth)
See additionally: AI device accelerates authorities suggestions, specialists urge warning
Need to study extra about cybersecurity and the cloud from business leaders? Try Cyber Security & Cloud Expo happening in Amsterdam, California, and London. The great occasion is co-located with different main occasions together with Digital Transformation Week, IoT Tech Expo, Blockchain Expo, and AI & Big Data Expo.
Discover different upcoming enterprise know-how occasions and webinars powered by TechForge here.
