AI-powered threats widen cyber resilience gap for executives

LevelBlue has published new research examining how artificial intelligence is influencing cyber resilience strategies within organisations globally.

The 2025 LevelBlue Futures Report surveyed 1,500 C-suite and senior executives across 14 countries and seven sectors, including energy, finance, healthcare, manufacturing, retail, transportation, and US SLED (state, local government, and higher education).

According to the findings, 29% of executives report feeling prepared for AI-powered threats, while 42% believe such threats are likely to occur. This signals a significant preparedness gap as artificial intelligence becomes a more prominent feature in both technological advancement and adversarial activity.

The research also found that 48% of respondents acknowledge a need to improve their defences against AI-powered cyber adversaries. Meanwhile, 59% of executives note that it is becoming increasingly difficult for employees to distinguish genuine threats from benign activity as AI-powered technologies make attacks more sophisticated.

Despite these concerns, only 29% of executives say they are hesitant to incorporate AI tools and technologies due to cybersecurity risks, suggesting that most organisations are continuing with AI integration while attempting to manage the associated risks.

When considering specific attack types, just 32% of respondents believe their organisation is prepared for deepfake-related incidents, although 44% expect to face such threats in 2025. Synthetic identity attacks are also anticipated to increase in frequency, adding to the mounting challenges posed by AI-enabled adversaries.

Theresa Lanowitz, Chief Evangelist of LevelBlue, said, "In 2025, AI is forcing organisations to pivot once again. Our research shows that leaders are becoming more aware of the threats they face, and elevating cyber resilience measures accordingly. However, they still underestimate the potential risk of AI-powered cyberattacks and have extensive work ahead to properly prepare and protect themselves."

There has been a pronounced shift in how organisations position cyber resilience within their operations over the past year. The report shows that 45% of executives now view cyber resilience as a company-wide priority, rather than solely a cybersecurity concern, up from 27% the previous year.

Alignment between cybersecurity teams and other business functions is increasing, with 66% of executives indicating that their cybersecurity teams now collaborate with lines of business. Furthermore, nearly half (43%) of executives in cyber-resilient organisations report increased boardroom engagement on resilience-related topics, compared to 37% of executives overall.

Among the surveyed organisations, those identified as cyber resilient appear to benefit from a more adaptive approach to security. Specifically, 79% of cyber-resilient organisations claim that adaptive cybersecurity policies allow their company to take greater risks with innovation.

Additional findings reveal that 41% of organisations have experienced a "significantly higher" level of attack volume. Regarding resource allocation, 61% of cyber-resilient leaders reported dedicating their cybersecurity budgets to new initiatives from the outset, compared to 46% of the overall sample. Moreover, 53% of cyber-resilient organisations are investing significantly in advanced threat detection systems.

Media coverage is also playing a role in shaping organisational priorities, with 68% of respondents saying that reports of high-profile breaches have elevated cybersecurity on the C-suite agenda.

The LevelBlue Futures Report outlines four recommended steps for organisations to bolster cyber resilience. These include elevating cyber resilience throughout the organisation, embedding cybersecurity responsibilities across all functions, adopting proactive strategies rather than reactive ones, and prioritising resilience in the software supply chain.