This report from Cisco provides a comprehensive overview of the evolving AI security landscape in 2024, covering threats, policy developments, and cutting-edge research. It highlights the increasing risks associated with AI infrastructure, supply chains, and attack vectors, emphasizing the importance of security standards and international cooperation.
Key points
- The annual cybersecurity reports by major vendors typically include sections such as executive summaries, threat landscapes, policy developments, research insights, and security recommendations, offering a structured overview of current threats, trends, and mitigation strategies.
- These reports highlight key statistics on the rapid adoption of AI technologies: 72% of surveyed organizations integrated AI in 2024, yet only 13% feel fully prepared to leverage AI securely, revealing a significant readiness gap.
- Major trends include a rise in AI infrastructure attacks, supply chain vulnerabilities, and AI-specific attack techniques like prompt injection, data poisoning, and model extraction, underscoring the evolving threat landscape.
- Recurring themes emphasize the increasing sophistication of AI threats, the need for robust security standards, and ongoing international policy efforts to regulate AI development and deployment across regions like the EU, US, and Asia.
- Significant findings reveal recent high-profile breaches, such as the compromise of NVIDIA’s container toolkit and open-source AI frameworks, which expose vulnerabilities in AI infrastructure that can cascade across multiple sectors.
- Emerging attack vectors include jailbreaking large language models, indirect prompt injections, training data extraction, and malicious supply chain components, which can compromise AI integrity and confidentiality.
- The reports document AI’s dual role: it enables cyberattacks through automation and social engineering, and it requires new defensive measures, such as AI-specific security standards and international cooperation frameworks, to mitigate risks.
Source: Awesome Annual Security Reports - The reports in this collection are limited to content which does not require a paid subscription, membership, or service contract. (https://github.com/jacobdjwilson/awesome-annual-security-reports/)